I am pretty surprised to find out this is happening when I was debugging my L2TP/IPSec tunnel: someone is trying very hard to guess my root password over SSH. A quick check proved to me that my private cloud is under attack too.
Somehow destiny brought me to StartSSL, a company that provides free SSL certificates. This prompted me to replace all existing CACert certificates and enforcing SSL on all publicly available entry points: blogs, bug tracker and git code repository.
If you have previously added the CACert root certificate to access my website, please remove them now as public entry points no longer requires that, and new entry points will be added with similar StartSSL (or other free services’) certificates.
If you came to my website recently, you should have noticed that my website now have SSL enabled, but the certificate may not be trusted.
Settig up SSL is trivial, but setting up SSL with a trusted certificate is difficult and expensive.
I dont have all those spare money. That is why I used a free (but trusted by free software community) CA, CACert (http://www.cacert.org/) You can visit their page for their root certificate and trust that. That will automatically make your browser trust my website.