You are not logged in.
Pages: 1
In an old GLPI installation (Centos 7, Apache 2.4) I noticed some system email messages (/var/spool/mail/root) began to appear recently, telling something about an expired ssl certificate or something.
The thing is, we never did any ssl/tls setup, only plain installed glpi. I think it was not considered necessary, we only use glpi within LAN local network. I didn't even imagine we could use https to access the web interface, until I just tried. And when trying I noticed browser displayed the "connection is not secure/private" warning and had to add an exception before being able to access.
1) Is it ok to use glpi with https despite not having any certs and browser's warnings? I always used plain http and now feel a bit nervous by having tried https...
2) If not having any certs, why these system mail messages? Did glpi or apache install some kind of default self-signed certs at some point, which now just expired? Or something?
Offline
hi bugless
thoses message start to appeard starting 2018 after a huge security breach on every system with tls protocole
linux /windows/mac ==> all the sames
exemple for my wsus i got it, need to applicat correctif and activate https event if not using it in internal
it s the same for linux need to actived it even you are not using it.
regards
Kurasul // IT Manager ============ https://discord.gg/qgDXNwS
OS + plugins: Ubuntu 16.04 // GLPI 9.2.1 // Php 7.0 // Sql + phpmyadmin // LDAP //
Fusion Inventory 9.2+1.0 //Cartographie 4.4.0 // Dashboard 1.4.0 // Gestion de baies 1.8.0 // Comptes 2.3.0 // Impression PDF
Imports fabricants 2.0.0 // Liste des taches 1.2.0 // Plus de rapports 1.4.0 // Arrêté du parc 2.4.0
Offline
Pages: 1