One reason I can think of is that if you wanted to PREVENT anyone WITHOUT the certificate from accessing your site.
That is, you could mail out diskettes with the cert file to use as a perimeter defense.
| David Schwartz <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 09/24/2004 02:31 AM
|
To: [EMAIL PROTECTED] cc: Subject: Re: Mac users bypass SSL |
kloomis wrote:
> Hello:
>
> I am using SSL with Apache 2.0 to run a "secure" website. The problem I
> have is that Mac users using Internet Explorer open the site without
> encryption. They access it via an https:\\ address but they don't get
> asked to accept a security certificate and the site opens for them. PC
> users are required to accept the certificate before they get access.
>
> How can I fix this.
It's not clear to me why you think this is a problem. If there is some
reason they should be required to accept the security certificate, and
they aren't being required to, then it's a problem. But if there's no
reason they should be required to accept the certificate, then it's not
a problem if they're not being required to.
So what is the reason that they should be forced to accept the certificate?
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
