harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added some more details about why browser-valid SSL certificates must be

Browse Source 
used when SSL is used at all.

It is now in the check failure message in the installation routine, the
installation readme and in the documentation pages.
This commit is contained in:
sasiflo
2014-04-10 23:41:18 +02:00
parent c97222c2fc
commit f16fc1eb4f
3 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
mod/setup.php
View File

@@ -551,7 +551,14 @@ function check_htaccess(&$checks) {
if(strstr($a->get_baseurl(),'https://')) {
$test = z_fetch_url($a->get_baseurl() . "/setup/testrewrite",false,0,array('novalidate' => true));
if($test['success']) {
check_add($checks, t('SSL certificate validation'),false,true, t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.'));
$help = t('SSL certificate cannot be validated. Fix certificate or disable https access to this site.') . EOL;
$help .= t('If you use https access, you MUST use a certification instance known by all internet browsers. You MUST NOT use self-signed certificates!') . EOL;
$help .= t('This restriction is incorporated because public posts from you may for example contain references to images on your own hub. If your') . EOL;
$help .= t('certificate is not known by the internet browser of users they get a warning message complaining about some security issues. Although') . EOL;
$help .= t('these complains are not the real truth - there are no security issues with your encryption! - the users may be confused, nerved or even') .EOL;
$help .= t('worse may become scared about redmatrix having security issues. Use one of the free certification instances!') . EOL;
check_add($checks, t('SSL certificate validation'),false,true, $help);
}
}
}