AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Mumble certificate error mobile app8/28/2023 ![]() Maybe we should rebuild mumble for the use of web of trust systems instead of that obsolete ca based system. But if you want you can dive in deeper in to that topic. I would suggest to just accept the server certificate and be lucky. OK, that was more philosophy then telling you what to do, but that you have to decide for your own in general. So much users are confused by this behavior of information technical systems. for example:Ĭase one: if you visit a website (or any other service without encryption) that uses no encryption you are as insecure as you can be (more there are not more openess then plain text) But you can visit this site without any notification about this lack of security.Ĭase two: If you are visiting a website which is using TLS/SSL with self signed certificates then you have much more security then in case one but you will get a very huge security warning message that you have to accept (with sometimes hidden options for that).Ĭase three: if you visiting a website that uses using TLS/SSL with an certificate signed from some institution which is in the list of your system/browser/whatever than you will have some more security then in case two, and no message to confirm, but the security gain of security is much lesser than that between case one and two. In my opinion we have a problem in these notification of connection security to the user in general. but in most cases these amount of security isnt required and you can just confirm the certificate without further checking. ![]() If you have trust in your internet provider you can confirm this without problems, best would be to ask the service provider (of that mumble server) using an independent way of communication, you can also check some services like EFFs SSL Observatory or ask a friend. So if you connect to an server the first time you will get this wired message which only means that you should be aware of this situation and check that this is the certificate of the server you want to connect to. In this context it became a common praxis to self sign your own certificates and rely on the communication partners to check there identity manually. So I just had to trust it on the server by following this guide and now everything works perfectly. When it looked at my Murmur certificate, validation failed since I never trusted my personal CA on the server itself. In general this is right But in our case we have the problem that these system is "obsoleted" and certifications cost a lot of money. 1 Answer Sorted by: 0 Apparently Murmur does not automatically trust the certificates you tell it to use. They (inventor of ca concept) thought, if you thrust these authorities it is a nice syetem. ![]() The ca system, certification authority, is a system in which service provider can get certificates signed by authorities. You have to understand something about the ssl/tls ca system. This is a normal message for common servers. ![]()
0 Comments
Read More
Leave a Reply. |