diff options
| author | Matthias Andree <matthias.andree@gmx.de> | 2019-08-18 19:15:53 +0200 |
|---|---|---|
| committer | Matthias Andree <matthias.andree@gmx.de> | 2019-08-18 23:55:35 +0200 |
| commit | e3839d1e1e3fc694d975a2df65778eb5cd9025fc (patch) | |
| tree | b9dcf28338a6afcf6bfc905f3ee6abb25e541976 /README.SSL-SERVER | |
| parent | 0754444a57a5f22436965e45e87234a13da40122 (diff) | |
| download | fetchmail-e3839d1e1e3fc694d975a2df65778eb5cd9025fc.tar.gz fetchmail-e3839d1e1e3fc694d975a2df65778eb5cd9025fc.tar.bz2 fetchmail-e3839d1e1e3fc694d975a2df65778eb5cd9025fc.zip | |
Documentation updates.
Diffstat (limited to 'README.SSL-SERVER')
| -rw-r--r-- | README.SSL-SERVER | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/README.SSL-SERVER b/README.SSL-SERVER index ae833e60..60a7d332 100644 --- a/README.SSL-SERVER +++ b/README.SSL-SERVER @@ -25,8 +25,9 @@ are several requirements that need to be fulfilled. authority (CA). If your server certificate is not directly signed by the root certification - authority (root CA), then you are using intermediate CA. In this case, you - *MUST* (as per the TLS standard) provide *ALL* intermediate certificates. + authority (root CA), then you are using an intermediate CA. In this case, + you *MUST* (as per the TLS standard) provide *ALL* intermediate + certificates. If you fail to provide intermediate certificates, clients can only connect if the end user overrides/disables security warnings in his/her software, @@ -62,3 +63,7 @@ are several requirements that need to be fulfilled. readily available at least in MD5 and SHA1 formats and offer to clients and be ready to answer client questions as to the fingerprints (for verification) and installation in commonly used clients. + + Many systems will install the Mozilla root certificate bundle in an + easy to find place, so if you are signing your certificates by a CA + that Mozilla trusts, this helps many users. |