@george1421 said in FOG 1.5.6 Officially Released:
Now if fog could use one of those fee root traceable ssl certificates (like from lets encrypt) and then created the FOG SSL certificate using that then the IT admins would not get the browser nag messages.
using Let’s Encrypt for FOG installation wouldn’t work in >98% of cases because those fog servers are not open to inbound traffic from the internet. They couldn’t pass the DNS http challenge/response.
Mostly, FOG is used at universities and public school districts. While I can see a university maybe already having a self-signed cert installed in the OS’s trust store, it’s not my experience or observation that public schools do this. While I’m 100% fully on-board with end-to-end encryption all the time everywhere, I feel it’d only be an unwanted hurdle to jump for most FOG users that are just trying to get some computers imaged.
Perhaps it could be made easier to setup SSL, rather than forcing it? Perhaps make it optional, and defaulting to ‘no’.
At any rate, this is just my 2 cents.