On 1/9/07, Peter Crowther <[EMAIL PROTECTED]> wrote:
> From: robert lazarski [mailto:[EMAIL PROTECTED]
> http://alpha-web01.alphatheory.com/atdev/
The cert's issued to dpt.alphatheory.com; you're testing connections to
alpha-web01.alphatheory.com. Any sensible browser will scream at that
difference. If they didn't, crackers would be able to get a cert for
www.somesillyname.com, install it on a spare server, poison the DNS for
www.amazon.com and the browsers wouldn't scream as they were redirected.
You will get errors from every browser with that cert unless/until they
connect to https://dpt.alphatheory.com.
- Peter
Thanks a bunch for the explanation and your time!
Robert
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
