Orxonox

The hottest 3D action shooter ever to exist
https://forum.orxonox.net/

Orxonox SSL certificate

https://forum.orxonox.net/viewtopic.php?f=27&t=21

Page 1 of 1

Orxonox SSL certificate

Posted: Tue Oct 31, 2006 7:38 pm
by Nowic
Am I the only one who cannot accept the Orxonox SSL certificate? Every time I visit the Orxonox Wiki/forum in a new firefox or epiphany session, I have to accept it again. It's annoying if you have to use the Orxonox infrastructure often.

The certificate was generated: 30.08.2006
and expires: 29.09.2006
... so it's not valid anymore.

Maybe the Noxons should generate a new SSL certificate... or is the Noxonian server not properly synchronized with our time/date? :roll:
Maybe we should switch to certificates signed by the Asheroc... they are supposed to have more advanced technologies! :wink:

Posted: Tue Oct 31, 2006 9:22 pm
by hofzge
Hei Nowic
I also have this problem everytime I come here to the forum or to the Wiki. Quite annoying - I am in favor of Asheroc certificates!

Posted: Wed Nov 01, 2006 8:13 am
by beni
I still think we should travel back in time anyway.

Uhm, yes of course I have the same problem :D

Posted: Thu Nov 02, 2006 12:17 am
by patrick
Hehe, I like this :mrgreen: but I don't like the message: "someone please make a new certificate"

:shock:

I really don't like it...

but I will see, what I can do :wink:

Posted: Thu Nov 02, 2006 8:17 am
by hofzge
Well I know that this thread may sound kind of harsh, but that was not the intention.
But this goes with all the "make Orxonox sexy" stuff: If someone stumbles upon this realm of information he will be turned off by these certificate messages and might not return! :shock:
Now that we have fans from all over the world, we need to manage this fan base and give these people what they want... or something like that.

I know that I am kind of a petty bureaucrat, but my only intention is that an article about Orxonox can be published in some gaming magazine by the end of this semester. If this were to happen (and I would be most delighted to write such an article) Orxonox would instantly become much more famous and I guess that this would also attract a lot of potential programmers, modlers and other creators.

I don't know if you agree with this, therefore I will open a new thread and a vote.

Posted: Wed Jan 10, 2007 4:16 pm
by Nowic
*push*

I searched for it... and I would even do it! give me root :x

http://gentoo-wiki.com/Apache_Modules_mod_ssl
http://slacksite.com/apache/certificate.html

Posted: Tue Jan 16, 2007 8:45 pm
by patrick
It has been done!

Posted: Tue Jan 16, 2007 10:03 pm
by nicolasc
Was about time...

Posted: Tue Jan 16, 2007 10:14 pm
by Nowic
Thx!

Posted: Thu Feb 22, 2007 8:44 am
by patrick
The problem with signatures is, that they need to be signed by some authority. Therefore building a chain of trust. Our signature @ orxonox has no trust, because we signed it ourselfs, showing the trust in ourselfs :D

However what you may look for is a certificate for people not for webservers. I think there may be a judicial difference between these two and only one will be valid.

I don't think that you will find many suppliers for such a thing and if so be alerted for faked signatures and untrusty chains of trust.

Posted: Thu Feb 22, 2007 8:59 am
by bensch
Has anyone had any experience with digital signatures and are there any cheap ways of getting it? Do you frequently have to use such a signature?
Yes, there is an open source solution for what you are looking for. It is called PGP and is used to certify the sender and encrypt/decrypt mails. The problem is that the receiver has no way of telling that you are the one you claim to be, until your PGP-key was signed by him. This signing can build a chain of trust which is essentially the same as the certificate validation process of a Web-server certificate.

So unless you have a PGP-chain of trust to the receiver your signing is the same as no signing.

But PGP is cool and if you have it some time you can very soon have a chain of trust to Linus himself :D

Posted: Thu Feb 22, 2007 9:01 am
by bensch
BTW: I do not think that there is anyone in the world, who has a private SSL-certificate for himself... but there are always crazy people like me, that want to have an IP for their towels :D (Please watch South Park for more on this topic :))

Posted: Thu Jan 31, 2008 11:18 pm
by beni
As you know we use the same certificate for the forum, the page and everything. With the website change the certificate does not fit anymore anywhere.

Firefox 3.0 does not just ask you if you think this is identity theft, it just does not display the page at all.
This leaves us with the problem, that everyone who uses Firefox 3 cannot access the forum or the page using a secure channel. I haven't found anything to change that feature except adding a explicit exception for the Orxonox certificate on the website AND the forum.
This is quite bothersome for the average user. Accepting the certificate is one thing, adding exception for every page the certificate does not fit for is a bit too much to ask for from our visitors.

Posted: Sat Feb 16, 2008 12:16 pm
by nicolasc
I finally had the time to upgrade our certificate...

Fingerprints:
SHA1: 44D1 C6F0 31C6 BF99 83EA 9EBF 3901 7F94 A2D5 FFCC
MD5: C5EB 188D 1E06 E1FF 17C1 E147 2618 CCBF

cheers
nico
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/