Clicking away the message each time has two main disadvantages ...

Okay, but WHO is suggesting clicking away the message? Nobody? I just suggested getting rid of the message by importing your HMC's certificate into your browser's local store. I do suggest that the message is a nuisance because you don't need a "trusted" outside authority to validate a certificate issued by your own HMC certificate manager running on your own internal network.

The message was designed for browsers that might be accessing unknown and untrusted sites on the Internet, which doesn't apply in this case.

tools such as BurpSuite, Acunetix WVS or Fiddler can easily "change"
the SSL certificate. This is used to eavesdrop onto the connection to the
server ...

That appears to be misleading, because those tools are HTTP proxies that you install and run locally on your own PC to track your own I/O; not that of anyone else. What's wrong with eavesdropping on yourself?


This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page