From 050aa1e1f0edd6e492b91aebc045ab29a8c32567 Mon Sep 17 00:00:00 2001 From: Juan Linietsky Date: Wed, 8 Apr 2015 16:32:37 -0300 Subject: [PATCH] Updated tutorial_ssl (markdown) --- tutorial_ssl.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tutorial_ssl.md b/tutorial_ssl.md index 5ddfac6..1da154e 100644 --- a/tutorial_ssl.md +++ b/tutorial_ssl.md @@ -25,7 +25,7 @@ OpenSSL has [some documentation](https://www.openssl.org/docs/HOWTO/keys.txt) ab ### Approach 2, CA Cert The second approach consists of using a certificate authority (CA) such as Verisign, Geotrust, etc. This is a more cumbersome process, but it's more "official" and ensures your identity is clearly represented. -Unless you are working with large companies or corporations, this method does not make much sense. +Unless you are working with large companies or corporations, or need to connect to someone else's servers (ie, connecting to Google or some other REST API provider via HTTPS) this method is not as useful. Also, when using a CA issued cert, **you must enable domain validation**, to ensure the domain you are connecting to is valid, otherwise any website can issue any certificate in the same CA and it will work.