url GET https requests --> "walking" thru certificate issues

Sivakatirswami katir at hindu.org
Mon Jan 9 20:59:43 EST 2006 

Many web sites (our own included) use a "site wide--box wide" SSL  
certificate for all sites run off the same httpd process. An https  
url GET request for a page on a specific virtual domain on that box  
invariably elicits the dread:

=========

Unable to verify the identify of da.kin.little.website.org as a  
trusted site.

Possible reasons for this error

   etc. etc.

_ Accept this certificate permanently

X accept this certificate temporarily for this session

_ Do not accept his certificat and do not connect to this web site.

=====

Clicking "OK"  the default to "accept for this session" elicits a yet  
a second error dialog in the browser:

======
"You have attempted to estabish a connection with  
"da.kin.little.website.org" . However the security certificate  
present belongs to "littleWebSite's.Mother.Ship.Host.org"... it is  
possible though unlikely that someone may be trying to intercept your  
communication with this web site.

etc.etc

"OK"

====

then finally, you are offered the option to enter user:pass. This  
even happens with "professional" web admin tools in big data centers  
(we use OLM which hosts 1000's of servers and even their system  
(EnsimPro) throws these dialogs at me whenever I log in to admin our  
leased server...)

======

users are so accustomed to just clicking thru these things they  
hardly pay attention any more and once in, their browser "remembers"  
and they don't see it again... until they log in next day or next week.

But, :-/, from within Revolution

put url "https://user:pass@da.kin.little.website.org/fooFolder/" into  
tListing

fails.  it returns empty and "the result" is the usual:

"error -Error with certificate at depth: 0  issuer   = /C=US/ 
O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1   
subject  = /C=US/O=hap.himalayanacademy.com/OU=https:// 
services.choicepoint.net/.... etc. etc."

Does anyone know a way to get libURL to "walk thru" these server  
responses, just like a user would in a browser?

Sivakatirswami
Himalayan Academy Publications
www.HimalayanAcademy.com,
www.HinduismToday.com

More information about the use-livecode mailing list