On Mon, Aug 10, 2009 at 2:03 PM, Magnus Therningmagnus@therning.org wrote:
Aaron Griffin wrote: [..]
It's not invalid, it's self-signed, so there's no certificate authority stamp-of-approval on it. We had a free year certificate at one point, but decided not to waste the money for a real certificate if it's only used by the devs.
One option would be getting one from CACert.org. Of course it won't be worth a lot without putting their root cert in openssl/firefox/konquerer/epiphany/etc...
We looked into that, but that's not much better than a self signed cert. We discussed this at length among the devs, and already made a decision. We're well aware of all the options :)