Webmail Frontend to mailboxes.

Sat Jan 8 22:23:47 PST 2005

> -----Original Message-----
> From: Tabor Kelly [mailto:tkelly-freebsd-questions at taborandtashell.net]
> Sent: Friday, January 07, 2005 11:54 PM
> To: Ted Mittelstaedt
> Cc: Peter Risdon; Colin J. Raven; FreeBSD Questions
> Subject: Re: Webmail Frontend to mailboxes.
>
>
> Ted Mittelstaedt wrote:
>
> <snip>
>
> > 5) many issues with getting Apache mod-SSL running properly with a
> > self-signed
> > key  (you have to generate it manually with openssl, the apache
> docs that
> > say use make key or whatnot don't work)
>
> I am not doubting you that this was an issue. But it is now documented
> quite nicely in the mod_ssl faq

As I said, gotchas that were serious EARLIER ON.

> (http://www.modssl.org/docs/2.8/ssl_faq.html). Also (as a side note), I
> use CAcert (http://www.cacert.org) for my key signing needs.
>

Pointless for us, as CAcert's root certificate isn't included in I.E., so
the
end users have to go through the same honky-tonk to include it in their
browsers as if you just make your own certs.

We use self-signed certs for a great many production items - e-mail
webinterface,
account stats, imaps, etc. basically anything that a password would go over.
Never had a customer have a problem inserting our self-signed cert into
their browser, never had any complaints about it either.

Only thing we don't do is take credit card#'s online - not because of the
SSL issues, but because our credit card processing software is so old that
we would either have to pay $500 for an update to it, or the bank requires
us to only take #'s by phone or in person.  So far nobody here has thought
up a good enough reason to pay a bank $500 for new software just to be
able to do this when the old software runs fine.  We kind of feel that since
the bank is saving money by not having to manually process a pack of CC
paper slips, that we shouldn't be the ones paying for software to help
the bank save itself money, you know?  Maybe if it was some other
vendor than a bank....

Ted