Created attachment 2101 [details] What visitors to bugs.busybox.net see (1) Hi guys, It's a bit disconcerting to visit bugs.busybox.net and see it doesn't have a certificate recognised by the majority of browsers (see attached). Others may feel the same and wonder if the site is legitimate. Did you know that GoDaddy gives free 1-year HTTPS certificates to open source projects? https://www.godaddy.com/gdshop/ssl/ssl_opensource.asp I hope this helps. Mitch.
Created attachment 2107 [details] What visitors to bugs.busybox.net see (2)
I don't think bugzilla's data is that sensitive that I need to bother our service provider with this. Sorry.
Denys, maybe you've missed the point. If the data isn't sensitive, take the certificate off. If we need a cert, get a free one that doesn't annoy users. Having the cert warning message is annoying and looks like a scam. Do we really want to paint that picture?
(In reply to comment #3) > Denys, maybe you've missed the point. > > If the data isn't sensitive, take the certificate off. If we need a cert, get > a free one that doesn't annoy users. Well, I asked the provider about it, and that was their answer - "the data isn't sensitive enough for it". Since they host busybox site *for free*, I really don't feel it is right to *insist* they work more to satisfy my whims.
Ok I understand that. If this is the case, can we remove HTTPS access?
Scratch that idea. I've suggested a way forward that is both free and easy, but if there is no will to make it happen, let's not worry about it further. I give up.