[UFO Chicago] Certificate For Https

Dave daveydee87 at gmail.com
Tue Jul 27 12:19:06 CDT 2021


SSL certificates can be had for free via https://letsencrypt.org/

The easiest way to manage these certs is via https://certbot.eff.org/

They are only valid for a couple months each, but can be set up to
automatically revalidate via http or DNS authentication.


On Tue, Jul 27, 2021 at 12:10 PM Jay F. Shachter <jay at m5.chicago.il.us>
wrote:

>
> Esteemed Colleagues:
>
> I write today on behalf of a friend who has a website that offers free
> textbooks to download (http://potto.org, for the curious).  He is
> getting less traffic than he used to get, and he thinks it is because
> he does not support https.  Apparently some browsers are now warning
> you when you connect to a website using http, and my friend thinks
> that this warning is scaring people way.  There is, of course, no
> reason to care whether the free textbook you download is coming to you
> encrypted or unencrypted -- why would you care if the NSA is able to
> read a textbook on fluid dynamics? -- but my friend's theory is that
> some people, the moment they see a warning from their browser, run
> away from the site, regardless of whether it makes any sense or not.
>
> So now my friend wants to support https on his website.  He thinks he
> will get more traffic that way.  But if he installs a self-signed
> certificate on his website (like I have on mine, https://m5.chicago.il.us
> ),
> the same browsers that were warning people about unencrypted traffic,
> are now going to warn them about the self-signed certificate.  Again,
> there is no reason to care whether potto.org has a self-signed
> certificate.  A self-signed certificate would only mean that you
> cannot know that the website claiming to be potto.org really is
> potto.org.  But why would anyone care whether the free textbook on
> fluid dynamics that he is downloading, is coming to him from
> potto.org, or from an imposter claiming to be potto.org?  If I have an
> account on CitiBank, and I am about to type in my account name and
> password to do some on-line banking, then I care whether I'm giving
> the information to citibank.com or to an imposter claiming to be
> citibank.com, but there is no logical reason to care whether potto.org
> is really potto.org or an imposter.  Nevertheless, my friend has a
> theory that whenever users get a warning from their browser, they run
> away, regardless of whether it makes sense.
>
> Which now brings me to my question, and the reason why I am posting
> this message to the ufo mailing list.  What is the cheapest https
> certificate my friend can get?  It doesn't have to be a certificate
> that will satisfy an expert.  An expert wouldn't care whether he has a
> certificate at all.  It just has to be a certificate that will keep
> the browsers from emitting a warning, which he thinks is scaring
> people away from his website.  My friend operates as a non-profit
> organization, if that makes a difference.  Thank you in advance for
> any and all replies.
>
>                         Jay F. Shachter
>                         6424 North Whipple Street
>                         Chicago IL  60645-4111
>                                 (1-773)7613784   landline
>                                 (1-410)9964737   GoogleVoice
>                                 jay at m5.chicago.il.us
>                                 http://m5.chicago.il.us
>
>                         "Quidquid latine dictum sit, altum videtur"
> _______________________________________________
> UFO Chicago -- Users of Free Operating Systems
> Free Software Rules -- Proprietary Drools!
> http://ufo.chicago.il.us/cgi-bin/mailman/listinfo/ufo
>


-- 
Thanks,

Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ufo.chicago.il.us/pipermail/ufo/attachments/20210727/02eb8849/attachment.htm>


More information about the ufo mailing list