What would be the use of a self signed cert that is not automatically checked? If you see a warning how can you be sure that the cryptographic key used is correct? Just manually checking the common name displayed lowers the security to almost zero. A big additional disadvantage is that one gets used to ignoring security warnings.
Setting up a "CA" is quite easy and installing the new root certificate in the root store of the devices used is also quite easy.
I switched to a certificate from startssl and of course I generated the key pair on my own and transferred only the CSR (certificate signing request).
Am 24. November 2016 16:37:48 MEZ, schrieb Steve Litt slitt@troubleshooters.com:
On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser skdovecot@smail.inf.fh-brs.de wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 23 Nov 2016, Steve Litt wrote:
On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers gcr+dovecot@tharned.org wrote:
$ strings $(whence alpine) | grep '^/.*certs$' /etc/ssl/certs
The directory or the certs isn't the problem. Alpine sees the self-signed cert I just made, but complains because it's self-signed, and gives me the choice between saying "yes" every time, and just not checking for certs at all.
"sees the self-signed cert"? Did you've added it as trusted to the CA as Greg said and wrote what to do?
No. I don't want to deal with a third party "Trusted Party": I want it self-signed. What I was looking for was a way Alpine could be set to check for a cert, warn if the cert is conflicting, but not warn if it's self-signed.
Thanks,
SteveT
Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz
-- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.