Secured by thawte

| 1 Comment

If you connect to any sites with the blogs.princeton.edu domain via a secure (SSL) connection (ex. https://blogs.princeton.edu), you should see a lock icon in either the bottom status bar or the top title bar of your browser. If you click on that icon, you can now view the Thawte-verified certificate information for this site.

What this means is that we are now ready, upon request, to create LDAP password-protected blogs, requiring users to connect via a secure connection (https://). This way LDAP passwords won’t be sent over the network “in the clear” for users who visit those secured blogs, and those visitors will not have to click through any ominous “this is not a trusted site” dialogs.

thawte cert logo mockup

One caveat is that on-campus users who try to use the shortcut https://blogs/ to connect to https://blogs.princeton.edu/ will see a warning dialog that states that you have attempted to connect to blogs; however, the security certificate presented belongs to blogs.princeton.edu.

Clarification: The LDAP integration is only for password-protecting an individual weblog’s pages and/or associated files. It is done at the Apache server level and uses an “.htaccess” file that we can create upon request. Unfortunately, we do not yet have any way to use LDAP to manage netIDs and passwords for author log-ins to the Movable Type admin interface.

1 Comment

nice blogs!

Recent Entries

Expired guest accounts
[09 Aug 2011] A few dozen non-Princeton users are using the Guest Account Provisioning Service to access the blog admin interface.…
Syntax highlighting disabled
[16 Jun 2011] By default, Movable Type template editing screens load a JavaScript that dynamically adds line numbers and color-coding to the code…
RSS feeds and Roxen CMS
[21 Apr 2011] Some University organizations with sites in both Roxen CMS and blogs.princeton.edu have tried to use Roxen’s RSS component…
Brief outage 3/28, Mon. morning
[25 Mar 2011] There will be a brief emergency outage of the blogs.princeton.edu server on Monday, March 28. It will be…