On Mon, Nov 30, 2015 at 02:29:30PM -0600, Derek Martin wrote:
> It only claims that the certificate the server is using is
> self-signed, meaning that it can't be validated as belonging to anyone
> in particular by the big certificate trusts. If you're willing to
> look at it without SSL entirely, then who cares if the cert doesn't
> validate?
Just a side note: there are corporate/school networks that access the
Internet through a proxy and some of them are now SSL-aware. I have
seen one where the proxy validated the certificate chain and blocked
access if the server cert wasn't using an issuer known to the proxy.
So most SSL sites still worked fine, but I was blocked from accessing
my own SSL server because it used a self-signed cert, *even though*
non-SSL access to the same server was allowed by the same proxy.
-Dave Dodge/dodo...@dododge.net
