From f16fc1eb4f82760a516dcf5e49257036f2c01aca Mon Sep 17 00:00:00 2001 From: sasiflo Date: Thu, 10 Apr 2014 23:41:18 +0200 Subject: Added some more details about why browser-valid SSL certificates must be used when SSL is used at all. It is now in the check failure message in the installation routine, the installation readme and in the documentation pages. --- install/INSTALL.txt | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'install/INSTALL.txt') diff --git a/install/INSTALL.txt b/install/INSTALL.txt index 65efa9cfe..c23cf740e 100644 --- a/install/INSTALL.txt +++ b/install/INSTALL.txt @@ -33,7 +33,23 @@ Put some thought into this - because changing it is currently not-supported. Things will break, and some of your friends may have difficulty communicating with you. We plan to address this limitation in a future release. -Decide if you will use SSL and obtain an SSL cert before software installation. You SHOULD use SSL. If you use SSL, you MUST use a "browser-valid" certificate. Please test your certificate prior to installation. A web tool for testing your certificate is available at "http://www.digicert.com/help/". When visiting your site for the first time, please use the SSL ("https://") URL if SSL is available. This will avoid problems later. +Decide if you will use SSL and obtain an SSL certificate before software +installation. You SHOULD use SSL. If you use SSL, you MUST use a +"browser-valid" certificate. You MUST NOT use self-signed certificates! + +Please test your certificate prior to installation. A web tool for testing your +certificate is available at "http://www.digicert.com/help/". When visiting your +site for the first time, please use the SSL ("https://") URL if SSL is +available. This will avoid problems later. The installation routine will not +allow you to use a non browser-valid certificate. + +This restriction is incorporated because public posts from you may for example +contain references to images on your own hub. If your certificate is not known +by the internet browser of users they get a warning message complaining about +some security issues. Although these complains are not the real truth - there +are no security issues with your encryption! - the users may be confused, +nerved or even worse may become scared about Red Matrix having security issues. +Use one of the free certification instances! 1. Requirements -- cgit v1.2.3