outdated ssl cert

what does a self-signed outdated ssl cert worth? [https]

could it be tricked [https] in a way, that the end user will not
recognize? [e.g. he already accepted the cert one time, and the browser
would warn her, if it been ""attacked""?]

...I mean does an outdated self-signed certificate give the same security
as a normal cert?

thanks


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org
Vadkan Jozsef [ Sa, 16 Januar 2010 17:58 ] [ ID #2028964 ]

Re: outdated ssl cert

On 16-Jan-2010, at 09:58, Vadkan Jozsef wrote:
> does an outdated self-signed certificate give the same security
> as a normal cert?


An outdated cert, self-signed or not, is invalid. So, no.

--
'An appointment is an engagement to see someone, while a morningstar is =
a large lump of metal used for viciously crushing skulls. It is =
important not to confuse the two.' --Men at Arms


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org
LuKreme [ So, 17 Januar 2010 00:29 ] [ ID #2028999 ]

Re: outdated ssl cert

On Jan 16, 2010, at 11:58 AM, Vadkan Jozsef wrote:

> what does a self-signed outdated ssl cert worth? [https]
>
> could it be tricked [https] in a way, that the end user will not
> recognize? [e.g. he already accepted the cert one time, and the
> browser
> would warn her, if it been ""attacked""?]
>
> ..I mean does an outdated self-signed certificate give the same
> security
> as a normal cert?
>
> thanks
>
>

You can always create a non-outdated self-signed certificate, so what =

is the problem=F3 ?=

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org
janos.lobb [ Di, 19 Januar 2010 21:04 ] [ ID #2029183 ]
Webserver » gmane.comp.apache.user » outdated ssl cert

Vorheriges Thema: can we run two SSL domains on one IP
Nächstes Thema: How to set multisites: same domain, different path, one ip address

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum