|
|
On 2/22/2019 1:53 PM, Jim Henderson wrote:
> Yeah, not using https would work, but your connection won't be encrypted.
>
> It's not a frame issue, though - you'd get a different message if you
> were serving up unencrypted data and encrypted data with the connection.
>
> Ultimately, the problem with the certificate is that it's self-signed,
> and as such, untrusted. SSL certificates work because they're issued by
> a trusted authority - self-signed certificates are placeholders intended
> to be replaced with a 'real' certificate with a valid chain of trust and
> encryption keys that are unique (many self-signed certificates are
> distributed with the web server, and are not unique or tied to the
> external hostname).
>
>
>
I was resigned to not using a certificate on my site and just hoping
people (and spiders) would visit it anyway. Then I heard about Let's
Encrypt and their free SSL service! Yay! But then I found out that my
host blocks Let's Encrypt and I am depressed again.
:(
Michael
Post a reply to this message
|
|