The department now has security certificates for our servers that are signed (in an authority chain) by StartCom Ltd, which are accepted by most modern browsers (Firefox, IE, Safari) and modern email clients (such as Thunderbird). The certificates have been tested on blog.math.toronto.edu, wiki.math.toronto.edu, and www.math.toronto.edu and are currently working fine there. If you try to securely access these servers using “utoronto.ca” instead of “toronto.edu” at the end of the server address then you will get warning messages about the certificate being valid for “toronto.edu” only.
We have also tested using the new certificates for our mailserver (for webmail and IMAPS access, and even for “pine”) and things are working well, although minor reconfiguration of the way email is accessed (always use the “toronto.edu” forms instead of “utoronto.ca” forms) will give a nicer user experience and we will document how to do that before we switch to the new certificates (probably early next week). We will make local changes for “pine” and for the webmail link on our homepage.
