From f16fc1eb4f82760a516dcf5e49257036f2c01aca Mon Sep 17 00:00:00 2001 From: sasiflo Date: Thu, 10 Apr 2014 23:41:18 +0200 Subject: Added some more details about why browser-valid SSL certificates must be used when SSL is used at all. It is now in the check failure message in the installation routine, the installation readme and in the documentation pages. --- mod/setup.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'mod/setup.php') diff --git a/mod/setup.php b/mod/setup.php index 02c2268ce..07ad34ac5 100755 --- a/mod/setup.php +++ b/mod/setup.php @@ -551,7 +551,14 @@ function check_htaccess(&$checks) { if(strstr($a->get_baseurl(),'https://')) { $test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true)); if($test['success']) { - check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.')); + $help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL; + $help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL; + $help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL; + $help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL; + $help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL; + $help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL; + + check_add($checks, t('SSL certificate validation'),false,true, $help); } } } -- cgit v1.2.3