Skip to content

Host your own ssl certificate

Jump to bottom Edit New page
Jay B. Martin edited this page Feb 16, 2014 · 5 revisions

Problem

Recent security updates to Chrome, Firefox, and IE prevent workers from seeing ads presented in unsecured iFrames, such as the ads generated by psiTurk. iFrames can only be secured if the host possesses a valid SSL certificate. A SSL certificate is a small file containing verified organization info such as identity and domain name that enable browsers to establish secured connections to trusted servers. Instructions for obtaining and installing a SSL certificate on your computer are provided below.

Please note that obtaining and installing a SSL certificate is non-trivial. We are currently developing a free service to address this issue. If you'd like to try it out, please checkout our dev branch. It's currently undocumented, but feel free to send us feedback.

The instructions below are intended for users that a) are using a version of psiTurk < 1.0.2 or b) want to host their own SSL certificate.

Solution

  1. Ask users to Bypass SSL (unsafe)
  • Firefox
    1. Type in your address bar: about:config
    2. Search for "mixed"
    3. Right click to toggle the "security.mixed_content.block_active_content" option so that it says false.
  • Chrome
    1. Click on the shield in the URL bar and allow the content to pass.
  1. Create a self-signed certificate
  • This method doesn't require a third-party to verify credentials; however, most browsers will display scary warning messages to your visitors.
  1. Obtain a valid SSL certificate
  • Free certificates available at StartSSL
  • OpenShift?
  • Sign up
  • Install
  • ... ##TODO##

Sources

  1. Stackoverflow
Add a custom footer
Add a custom sidebar
Clone this wiki locally