Re: OT: TomCat WebCerts and Linux?

Hi Mark :)
Thanks, I reviewed all replies ... Especially James and yours as
there was some really good information there!

This is a case of "internal self-signed certificate with a internal
CA" so James' info was very much in the 'pipe' for targeting...

Unfortunately, our workaround of using FireFox will have to bide us
for a while longer... The SysAdmins and the Cert Admin are pondering
this ... And our BlueCoat conversion project just got re-prioritized
waaaayyy above the cert situation since we have a workaround for the
cert situation.

Stay tuned... I will be back to it in a while :)

Art "knee-deep in the hoopla" Bahrs

P.s. Since we are watching "It' a Wonderful Life" in the real life...
Does that mean life is just a movie? Hehehe

Or as another fun late night ponderance (based on a Robin Williams
routine) goes:
Life is but a Dream,
Reality is what we call Life,
Q.E.D. Reality is a Dream....


Art Bahrs, CISSP
Security Engineer
Providence Health & Services
Arthur.Bahrs@xxxxxxxxxxxxxx
Phone: 503-216-2722

-----Original Message-----
From: Mark Wonsil [mailto:wonsil@xxxxxxxxxx]
Sent: Friday, September 26, 2008 3:51 AM
To: Bahrs, Art; HP3000-L@xxxxxxxxxxxxx
Subject: RE: [HP3000-L] OT: TomCat WebCerts and Linux?

I am exploring the suggestions and trying to sterilize the info so
I can post more info... But I think James may have set me on the right

direction

James has most certainly hit the nail on the head. Most people don't go
out and buy an SSL cert when they're playing with new technology. I'm
sure you have a self-signed cert.

In our case, we didn't mind the certificate warning when it was
employees who were getting it but soon we'll be having customers and
suppliers accessing our online systems. So pay attention to James's
advice when you do go a get an SSL cert and think about the number of
domains and/or IP addresses and use the subjectAltName feature in your
request. We didn't and it required some extra work.

Mark W.



DISCLAIMER:
This message is intended for the sole use of the addressee, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the addressee you are hereby notified that you may not use, copy, disclose, or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete this message.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

.

Relevant Pages

  • Re: Pauls son making an LP with dad
    ... Now James lives in a cushy flat and drives his ... you wait until 30 to stop hanging, you're usually screwed for life. ... Being rich and famous can have a downside. ... is to make real friends or have a real love life. ...
    (rec.music.beatles)
  • New Book: The Life & Works Of James ONeill
    ... The Philadelphia launch of "The Scribe: The Life and Works of James ... meeting of Francis O'Neill and James O'Neill in Chicago's Irish ...
    (rec.music.celtic)
  • Re: Did Snape actually owe James a life debt?
    ... Dumbledore did say that Snape and James ... >>already detested each other before James saved Snape's life. ... >>told Harry this story. ...
    (alt.fan.harry-potter)
  • Re: JSH: Whats happening now?
    ... If the NSA can't use results, ... >> what people believe is mathematically true, ... There is everything about your life, and there is everything about your ... > James, do you really believe that the theorem is useful ...
    (sci.math)
  • Re: But why was the choice given? Was avada Kedavra and the prophecy
    ... >>>James Died in an attempt to protect his family. ... >>>she gave Harry NO OPTIONS. ... Voldemort came in & just AK'd him. ... > basic reason - Lily had no reason to believe that giving her life would ...
    (alt.fan.harry-potter)