All the Perl that's Practical to Extract and Report

Oh joy! Firefox 3 is too secure for PAUSE.

hex on 2008-03-30T04:05:07

Secure Connection Failed

pause.perl.org uses an invalid security certificate.

The certificate is not trusted because it is self signed.

(Error code: sec_error_ca_cert_invalid)

Luckily it - I'm using FF 3.0b4 - has a very nice new mechanism that lets you add an exception for specific servers, but really I don't think we should be seeing this in the first place... could our lovely PAUSE people please fix this?

Are you paying for it?

autarch on 2008-03-30T05:19:03

The problem is that the certificate is self-signed. FF3 just has a different dialogue for approving such a cert, but all browser will prompt you about it.

Re:Are you paying for it?

hex on 2008-03-30T12:17:30

No, I'm not paying for it :-) Sorry if this post came across as ungrateful.

Hmm. Well, I'm really no expert in the field of authentication, encryption and so on. I was just taken aback a little by the wording of the error message, mainly the word "invalid".

It would be a nice gesture if some Perl-friendly organization would certify PAUSE, like GoDaddy did for KDE.

Re:Are you paying for it?

link on 2008-03-30T19:42:44

GoDaddy seem willing to do it for any open source project https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp?ci=5988

Re:Are you paying for it?

autarch on 2008-03-31T03:56:33

I'm just saying nothing's changed except the browser's handling of self-signed certs. Admittedly, that change is rather jarring, since it looks a lot like a "failed to connect to server" error, as opposed to the old "insecure cert" popup.

The GoDaddy option does seem like a good one.

Re:Are you paying for it?

hex on 2008-03-31T15:15:15

Admittedly, that change is rather jarring, since it looks a lot like a "failed to connect to server" error, as opposed to the old "insecure cert" popup.

Yep. I just got it for rt.cpan.org as well and it surprised me again.

The GoDaddy option does seem like a good one.

Indeed. I shall try and find someone to bring it to their attention.

Re:Are you paying for it?

stu42j on 2008-03-31T18:40:22

There are other ways to get a free cert: http://cert.startcom.org/

Upcoming new certificate

LaPerla on 2008-04-13T08:47:32

Thanks for the heads up!

On Sat Apr 19 2008 PAUSE will switch to a cacert certificate. Please prepare your browser.

Re:Upcoming new certificate

hex on 2008-04-13T14:41:39

Awesome! Thank you very much.