I don't know, sorry. That's a side of things I know absolutely fuck all about.
My *guess* would be that, given that it's a staging thing and I don't suppose many people will be using it, get everyone who uses it to add a security exception? And maybe self-sign as a little tiny bit of protection.
It's not a certificate for my server (which I don't run https on), it's a bunch of certificates that mostly appear to be for online transactions (e.g. thawte, a bunch of banks &ct). *I guess*
You want them. CA Certificates are those used by the certificate vendors to verify other SSL certificates, they're not just used for HTTPS but lots of other SSL transports. Without up to date CA certificates your ability to communicate securely over SSL is as good as non existent.
OK, thanks. I can't remember if they were onboard the original ubuntu server installation, a package dependency, or I deliberately installed them. Maybe they're using stronger encryption, which could explain why they seemed so slow today. Apparently they're not updated very frequently.
----
"Ninety percent of Americans use the Internet. The other ten percent use the banjo."
