is a self signed certificate always invalid the first time?

Noel Butler noel.butler at ausics.net
Fri Aug 18 12:22:38 EEST 2017


On 18/08/2017 17:12, voytek at sbt.net.au wrote:

> BUT, for a public web server where https is becoming mandatory, I'd still
> need a certificate from a recognized publisher, to avoid users geting
> 'warnings', is that so ?
> 
> (I'm currently using self issued for both mail and web)
> 
> thanks,
> 
> V

It depends on what you're uses are, self signed certs are OK for
smtp/pop3/imap, since most people are just concerned with "encryption"
in that case, but a different story if its web content, in particular,
shopping carts and the like, If you have clients content, definitely use
a real cert, maybe in 10 years letsencrypt might make the grade, but
until every bit of software and OS supports it and they offer insurance
levels like the bi boys do, you might as well be using a self signed
cert,  comodo are pretty cheap with basic insurance level on even the
most basic of their offerings. Do your research, though if using a paid
service, since some others are soon to be un-trusted. 

-- 
Kind Regards, 

Noel Butler 

 		This Email, including any attachments, may contain legally privileged
information, therefore remains confidential and subject to copyright
protected under international law. You may not disseminate, discuss, or
reveal, any part, to anyone, without the authors express written
authority to do so. If you are not the intended recipient, please notify
the sender then delete all copies of this message including attachments,
immediately. Confidentiality, copyright, and legal privilege are not
waived or lost by reason of the mistaken delivery of this message. Only
PDF [1] and ODF [2] documents accepted, please do not send proprietary
formatted documents 

 

Links:
------
[1] http://www.adobe.com/
[2] http://en.wikipedia.org/wiki/OpenDocument
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170818/b7617474/attachment.sig>


More information about the dovecot mailing list