Whew.  Just survived an Ubuntu dist-upgrade which broke our Apache SSL 
virtual hosts configuration.  I had thought the foulup on the test 
server was because we were testing various certs in the wake of the root 
CA expiration!

We estimate that 15-25% of our users will be affected (the new root CA 
seems to work in Google Chrome as well as IE), and that a new wildcart 
cert could be had for $40 or $80 from StartSSL for two years - not quite 
sure yet what level verification we'd need, hence the 40/80 doubt.

We're running multiple name-based hosts at one IP address (for 
encryption), hence the reliance on the wildcart cert.  We could 
conceivably get more IP addresses, but I don't know if I want to take 
that one up with IT.  Methinks we're going to try scraping together 
40/80 bucks, which isn't as simple here as it may sound.

Twitter's been very helpful in keeping up with this.

Yitzchak Schaffer
Systems Manager
Touro College Libraries
33 West 23rd Street
New York, NY  10010
Tel (212) 463-0400 x5230
Fax (212) 627-3197
Email [log in to unmask]

Access Problems? Contact [log in to unmask]