Re: Expired Certificate in OEM

On Jun 24, 12:33 pm, Frank van Bortel <frank.van.bor..._at_gmail.com> wrote:
> Palooka wrote:
> > Sorry if this is a FAQ, but I have searched Tahiti, and Googled, but
> > have found nothing of use.
>
> > I installed Oracle 10.2.0.1 on AIX 5L (64 bit) the other day, and
> > created a small database to test. Enterprise Manager Database Control
> > was configured to use http, and worked.
>
> > Today I applied the patch to 10.2.0.4 and used dbua to upgrade the test
> > database.
>
> > All went well, with one exception. During the patch OEM Database Control
> > was reconfigured to use https - good. However, when I access it from a
> > Windows box on the network, I get a warning that the certificate has
> > expired. I can click through and OEM works fine, but obviously that
> > situation won't be acceptable in a production scenario.
>
> And why would that be?
> As the purpose of https is just to encrypt the datastream between
> client (you/your browser) and the server (OEM), who cares
> if the certificate expired? What does it signify? That you
> did not pay some firm hefty dollars. It does not mean your
> data gets compromised.

And of course, you can check the box so it doesn't ask you any more. But that begs the question, shouldn't we be concerned about certificates that should be valid but aren't? The date is within range, after all.

It's like the check engine light on a car. Some people realize it is just something stupid like not putting the gas cap all the way on, so literally or figuratively put a piece of black tape over it. Others follow the directions in the owners manual and take it to the dealer to be fixed asap. The thing is, sometimes the first group is wrong and do expensive damage. But no one admits it.

jg

--
@home.com is bogus.
http://www.signonsandiego.com/uniontrib/20080624/news_1b24broadcom.html