4 The Certificate Verification dialog

Now, go ahead and use the secure connection to the Moodle server. Your browser will display a dialog box asking you to verify the certificate. You will probably be given the choices to reject the certificate, accept it for the session only, or accept it permanently.

Why? Is there a problem?

When you see this dialog box, you should be careful, as it may indicate a problem (such as a ``man-in-the-middle'' attack). However, in the case of the Moodle server, this dialog box is expected. Let me explain why this dialog box appears.

A server certificate serves several purposes. In our context, the certificate carries the server's public key; the matching private key stays on the server and is never sent out, and this key pair is what the browser and server use to set up the encrypted connection. However, a certificate is also used to authenticate a server, because it binds that public key to a name. In other words, are you really sure that you are connecting to the Moodle server at someprofs.org?

In order to authenticate a server, the administrator of the server requests a signed certificate from a certificate authority (CA). Upon verifying the authenticity of the request (that the requester really controls the named server), the CA signs the certificate using the same key-pair concept: the CA's private key produces the signature, and anyone holding the CA's public key can check it. After that, the server can install the signed certificate alongside its private key and use them both to set up encrypted connections and to prove its identity.

When a client, such as your computer, connects to a server via HTTPS, it first checks the authenticity of the certificate. This is done by checking the certificate's (digital) signature. The certificate itself names its issuer, that is, the CA that signed it. The client does not contact the CA for this; it looks the issuer up in its own list of trusted CA certificates, which ships with the browser, and uses that CA's public key to verify the signature. If the issuer is not in that list, the signature cannot be checked, and the browser asks you to decide.

Here is the problem. It costs money to get a signed server certificate from a CA. This is money that someprofs.org does not have. As a result, someprofs.org gets its signed server certificate from http://www.cacert.org, a CA whose root certificate is not included in the trusted list of most browsers. This is why you got the dialog box.

When you see this dialog, please read its message carefully. Click the button labeled ``View/Examine certificate''. Check that the ``Issued to Common Name'' is www.someprofs.org, and that the ``Issued by organizational unit'' is http://www.cacert.org. Once you verify these two points, you can select the option to accept the certificate permanently. Keep in mind what this check does and does not prove: anyone can generate a certificate that carries these two names, so the names alone do not rule out an impostor. For a stronger check, compare the certificate's fingerprint shown in the same dialog with one obtained from the server administrator by some other channel, or import the CAcert root certificate from www.cacert.org so that your browser can verify the signature itself instead of asking you.
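The three roles described above (the CA that signs, the administrator who requests the certificate, and the client that checks the signature against its list of trusted CAs) can be played out on the command line. The following script is an added example, not part of the original page and not the Moodle server's own setup; it uses the standard openssl command-line tool. The CA names ``Example Root'' and ``Other Root'', the temporary directory, the key sizes and the one-year validity are assumptions made for the demonstration; the server name www.someprofs.org is taken from the text.

```shell
#!/bin/sh
# Added example (not from the original page): play the CA, the server
# administrator and the client with the openssl command-line tool.
# CA names, the temporary directory and the key sizes are assumptions.
set -e

# Build a throw-away PKI: a root CA, a second unrelated root CA, and a
# server certificate signed by the first CA. Prints the directory path.
make_pki() {
  dir=$(mktemp -d)
  # 1. The CA generates its own key pair and a self-signed root certificate.
  #    The private key (ca.key) never leaves the CA; ca.crt is what browsers ship.
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -keyout "$dir/ca.key" -out "$dir/ca.crt" \
    -subj "/O=Example CA/CN=Example Root" 2>/dev/null
  #    An unrelated CA, standing in for "a CA the browser does not know".
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -keyout "$dir/other-ca.key" -out "$dir/other-ca.crt" \
    -subj "/O=Other CA/CN=Other Root" 2>/dev/null
  # 2. The server administrator generates a key pair and a certificate
  #    signing request (CSR) carrying the public key and the server name.
  openssl req -newkey rsa:2048 -nodes \
    -keyout "$dir/server.key" -out "$dir/server.csr" \
    -subj "/CN=www.someprofs.org" 2>/dev/null
  # 3. The CA signs the CSR with its private key, producing server.crt.
  openssl x509 -req -days 365 -in "$dir/server.csr" \
    -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
    -out "$dir/server.crt" 2>/dev/null
  echo "$dir"
}

# 4. The client side: verify the signature on certificate $2 using the
#    trusted CA certificate $1, without contacting anybody. Returns 0 on
#    success. The output is matched rather than the exit code because old
#    openssl releases exited 0 even when verification failed.
cert_verifies() {
  out=$(openssl verify -CAfile "$1" "$2" 2>&1) || true
  case "$out" in *": OK"*) return 0 ;; esac
  return 1
}

# What the browser's "Examine certificate" dialog shows: subject
# (issued to), issuer (issued by) and fingerprint of a certificate.
cert_details() {
  openssl x509 -noout -subject -issuer -fingerprint -sha256 -in "$1"
}

# Demo: the same server certificate passes with the signing CA in the
# trust store and fails with an unrelated CA, which is the situation
# behind the browser dialog.
d=$(make_pki)
cert_details "$d/server.crt"
if cert_verifies "$d/ca.crt" "$d/server.crt"; then
  echo "signing CA in the trust store: verification OK"
fi
if ! cert_verifies "$d/other-ca.crt" "$d/server.crt"; then
  echo "unknown CA: verification fails, the browser would show the dialog"
fi
rm -rf "$d"
```

The second verification fails even though server.crt still says ``www.someprofs.org'' in its subject and names its issuer correctly; that is the point of the caveat above: the names in a certificate are claims, and only a signature that chains to a CA you already trust (or a fingerprint you obtained out of band) turns them into evidence.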

Copyright © 2006-10-09 by Tak Auyeung