RE: [cobalt-users] raq3 ssl

[Rodolfo Paiz <rpaiz@xxxxxxxxxxxxxx>]

> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Dave Raza
> Sent: Tuesday, September 05, 2000 4:03 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: RE: [cobalt-users] raq3 ssl
> 
> 
> > while using netscape the following is returned:
> >
> > Warning! Although this document is secure, the information you have
> > submitted is insecure and could be observed by a third party while
> > in transit. If you are submitting passwords, credit card numbers, or
> > other information you would like to keep private, it would be safer
> > for you to cancel the submission.
> >
> > What do we need to do to get this to go away?
> >
> > we are using a self signed certificate
> 
> I believe you have to use a recognised certificate such as 
> Verisign, Thwarte etc as the self signed certificate can not be
> verified by the browser.
> 
> ..but I could be wrong :-)

Having a self-signed certificate does not in any way make the data
insecure while in transit, and *shouldn't* generate this particular
error message. If that were the problem, Netscape should be telling
the user that it can't verify the ownership of the certificate and
that the user should only send the data if he/she is totally sure
that the certificate is authentic.

This particular message says that "the document is secure" but "the
information you have submitted is insecure" and "could be observed...
in transit." I'd guess (note, GUESS) that the problem lies in how
the info is being sent/served, not in the self-signature of the
certificate.

Can't offer more detailed attempts at help without more data from
the original poster.

------
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>