In our case I think we even have our own CA trusted by the browsers so there's no apparent reason for the self-signing.
>If you teach users to ignore HTTPS errors, then MITM attack becomes easier because user don't see anything suspicious.
That's precisely the point I made to the "technical" person and it was ignored...
In our case I think we even have our own CA trusted by the browsers so there's no apparent reason for the self-signing.
>If you teach users to ignore HTTPS errors, then MITM attack becomes easier because user don't see anything suspicious.
That's precisely the point I made to the "technical" person and it was ignored...