Whew. Just survived an Ubuntu dist-upgrade which broke our Apache SSL virtual hosts configuration. I had thought the foulup on the test server was because we were testing various certs in the wake of the root CA expiration! We estimate that 15-25% of our users will be affected (the new root CA seems to work in Google Chrome as well as IE), and that a new wildcart cert could be had for $40 or $80 from StartSSL for two years - not quite sure yet what level verification we'd need, hence the 40/80 doubt. We're running multiple name-based hosts at one IP address (for encryption), hence the reliance on the wildcart cert. We could conceivably get more IP addresses, but I don't know if I want to take that one up with IT. Methinks we're going to try scraping together 40/80 bucks, which isn't as simple here as it may sound. Twitter's been very helpful in keeping up with this. -- Yitzchak Schaffer Systems Manager Touro College Libraries 33 West 23rd Street New York, NY 10010 Tel (212) 463-0400 x5230 Fax (212) 627-3197 Email [log in to unmask] Access Problems? Contact [log in to unmask]