1 |
Mick <michaelkintzios@×××××.com> writes: |
2 |
|
3 |
> On Saturday 05 Sep 2015 02:08:47 Fernando Rodriguez wrote: |
4 |
>> On Saturday, September 05, 2015 1:05:06 AM lee wrote: |
5 |
>> > In this case, I happen to have full physical access to the server and |
6 |
>> > thus to the certificate stored on it. This is not the case for, let's |
7 |
>> > say, an employee checking his work-email from home whom I might give the |
8 |
>> > login-data on the phone and instruct to add an exception when the dialog |
9 |
>> > to do so pops up when they are trying to connect. |
10 |
>> |
11 |
>> As a workaround you can create your own CA cert. I tested with a windows |
12 |
>> self- signed cert (I guess the correct term is self-issued) and the |
13 |
>> openssl command will show two certs. The second is the CA. |
14 |
>> |
15 |
>> http://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate |
16 |
>> -authority/ |
17 |
> |
18 |
> lee, on my FF I can import a self-signed certificate when I go to: |
19 |
> |
20 |
> about:preferences#advanced |
21 |
|
22 |
You mean to enter this as an URL, just like about:config? When I do |
23 |
that, I'm getting "The URL is not valid and cannot be loaded. The |
24 |
provided address is not in a recognized format. Please check the |
25 |
location bar for mistakes and try again.". |
26 |
|
27 |
Maybe that only works with firefox? |
28 |
|
29 |
> and then select the 'Servers' tab. After I import it I can select it and |
30 |
> click on the 'Add Exception' button at the bottom of the tab. Enter the http |
31 |
> address of the server and FF should go and fetch it afresh when you click on |
32 |
> 'Get Certificate', then tick 'Permanently store this exception' and 'Confirm |
33 |
> Security Exception'. These buttons will be greyed out if do not download the |
34 |
> certificate or if I am running FF in Private Browsing mode. |
35 |
|
36 |
I'm guessing you might be in the window that shows up when you edit |
37 |
preferences and go to 'Privacy & Security --> Certificates --> Manage |
38 |
Certificates ...' and then to the "Servers" tab. |
39 |
|
40 |
From there, I can import the certificate I downloaded with openssl. |
41 |
Once imported, I can click on "Add Exceptions". That gives me the same |
42 |
dialog which comes up when I'm trying to connect which doesn't allow me |
43 |
to add an exception because the buttons to do so are disabled. The |
44 |
dialog remains stuck at "Checking Information" indefinitely. |
45 |
|
46 |
I'm attaching a screenshot: |