Topic: Allow http protocol for webmail (horde)

[pfigueira]

Hi,
I have a small school server and we do not have funds to buy a SSL certificate. Is there any way I can allow the horde webmaill to be accessed by http?

Thansk,
Paulo F.

[judgej]

Is there a problem with the certificate that SME Server supplies by default? It may be self-certified, but it still works fine. Just make sure you access webmail using the domain of the certficate for least hassle, which will most likely be https://yourservername.yourdomain/webmail

All browsers should let you use the default cert, even if there are problems with it.

But to your specific question: SME Server did used to allow HTTP webmail, but it looks like that option has been removed at some point.

-- Jason

[pfigueira]

Thanks for your reply.
I have no trouble at all with the certificate but a lot of other users (teachers and students) using IE7 (especilally with IE7) receive a 'shocking' webpage inviting them to stay away from that site. All I want to do is to eliminate this problem.
Sorry for my bad english.

Thanks,
Paulo F.

[cactus]

Thanks for your reply.
I have no trouble at all with the certificate but a lot of other users (teachers and students) using IE7 (especilally with IE7) receive a 'shocking' webpage inviting them to stay away from that site. All I want to do is to eliminate this problem.
Sorry for my bad english.

Thanks,
Paulo F.

You could pre-install the certificate on allon how to accept it on their systems or install them on all clients before handing them out, write a manual or buy a cheap one or perhaps even one from CACert.org would do, although you need to install there root certificate on all clients before hand as well.

One of the major risks of not using the SSL encryption is that all passwords sent to and from the server will be going over the wires in plain text, where SSL would encrypt them.

[judgej]

I paid about £40 (it was $US80) for a two-year certficate a couple of months ago (from COMODO), and I've not had a problem yet with any browsers not recognising the root. There are some cheap ones around if you search, otherwise you are limited to education of the users or pre-installing trusted root on their browsers (neither of which I would relish - you could have bought a cert by the time you have dealt with the Nth e-mail saying "it doesn't work!").

The way IE7 deals with it is appalling. At least IE6 would tell you why the cert may not be all it seems. With IE7 you cannot find out any information about why it is being rejected without *first* accepting it, by clicking on the big red "here be dragons and death" link first. No wonder teachers and students have a problem with it.

-- JJ