friendica.sasiflo.de
lang

Friendica und SSL

@Friendica Support

Whow! Es ist so einfach! Mein Friendica-Server ist ab sofort nur noch per HTTPS/SSL erreichbar. Und es hat gar nicht weh getan!

EIn Zertifikat bei StartSSL ist mit ein bisschen Geduld recht fix organisiert. Die Jungs von uberspace.de sind turbofix und haben mein neues Zertifikat gleich eingebaut. Nur noch den DNS angepasst. Die Option zum Erzwingen einer SSL-Verbindung in Friendica gesetzt. Und fertig ist die Laube!

Einziger Wermutstropfen: Mein favicon wird nicht mehr angezeigt.
Categories: Friendica [remove] , SSL [remove]
44 comments show more
last year, i saw that markmonitor start to show up with some "big name" domains, in their whois. i thought weird, and extremely creepy. i use whois a LOT, so i noticed it. i didn't pay much attention to it though. why? because i put it down to yet another creepy shit thing big business does.

also, check out the what i call permissions:

Status: clientDeleteProhibited, clientTransferProhibited, clientUpdateProhibited, serverDeleteProhibited, serverTransferProhibited, serverUpdateProhibited

us regular folks don't get some of those. check your own domains for fun.

i didn't investigate much, but i figured markmonitor had something to do with "protecting IP", just from the name.

i was right. i hate being right with this kind of stuff....

a couple of years ago, maybe more, a bunch of us were talking about "IP", and how much it's tied up with that trademark, copyright, fascistic licensing, and other similar issues, and how much it stifles real creativity and privacy protection.

i'm not surehow many of you have heard of "big brother" the teevee... show more
Well, MarkMonitor seems to be a reigstraras well as a CA. I.e. they can easily change the IP a host name points to and serve an SSL cert that every browser accepts, i.e. stage a man-in-the-middle attack. VERY easily, and for all major email hosters and social networks companys, it seems.