[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[THREDDS #ZTB-960075]: Thredds + Apache + SSL



> 
> 
> 
> Unidata netCDF Java Support wrote:
> > 1. you should tell the Army theres no point in using ssl without 
> > authentication,
> you are just slowing everything down for no gain.
> 
> We have tried reasoning with the Army but as you might guess it is
> somewhat futile.

i guess it was a rhetorical statement

> 
> >
> > 2. im not really sure if things fail because theres no authentication, or 
> > because
> of the self-signed certificate. If you can eliminate one of those
> possibilities, that would be helpful.
> 
> The Army machines require certificates from the DOD and not from
> Thawte or other private type CAs.  It isn't technically self signed
> but probably most browsers don't recognize the DOD as an official CA.
> 
> I can turn on the authentication via thredds if you think that will
> help.

one thing that would probably work is to add the DOD cert to your client(s) 
trusted certificate store. is that feasible? 

we are looking at how to allow self-signed certificates but im not sure how 
long it will take us to do that. 


Ticket Details
===================
Ticket ID: ZTB-960075
Department: Support netCDF Java
Priority: Urgent
Status: Open


NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.