1 |
On Saturday 05 Sep 2015 02:08:47 Fernando Rodriguez wrote: |
2 |
> On Saturday, September 05, 2015 1:05:06 AM lee wrote: |
3 |
> > In this case, I happen to have full physical access to the server and |
4 |
> > thus to the certificate stored on it. This is not the case for, let's |
5 |
> > say, an employee checking his work-email from home whom I might give the |
6 |
> > login-data on the phone and instruct to add an exception when the dialog |
7 |
> > to do so pops up when they are trying to connect. |
8 |
> |
9 |
> As a workaround you can create your own CA cert. I tested with a windows |
10 |
> self- signed cert (I guess the correct term is self-issued) and the |
11 |
> openssl command will show two certs. The second is the CA. |
12 |
> |
13 |
> http://datacenteroverlords.com/2012/03/01/creating-your-own-ssl-certificate |
14 |
> -authority/ |
15 |
|
16 |
lee, on my FF I can import a self-signed certificate when I go to: |
17 |
|
18 |
about:preferences#advanced |
19 |
|
20 |
and then select the 'Servers' tab. After I import it I can select it and |
21 |
click on the 'Add Exception' button at the bottom of the tab. Enter the http |
22 |
address of the server and FF should go and fetch it afresh when you click on |
23 |
'Get Certificate', then tick 'Permanently store this exception' and 'Confirm |
24 |
Security Exception'. These buttons will be greyed out if do not download the |
25 |
certificate or if I am running FF in Private Browsing mode. |
26 |
-- |
27 |
Regards, |
28 |
Mick |