|
||||||||
At 11:48 AM +0100 1/28/04, Christiaens Joachim wrote: >> >> You will get a message from your browser >> saying that the identity of the web site could not be >> verified, because the web site's certificate was signed >> by an unknown certifying authority. I.e., >> maybe someone is spoofing the web site. >> >> I haven't figured out how to make this go away. > >You have to buy a certificate from verisign, thawte or some vendor, so your >browser will trust the certificate blindly, or you will have to manually >trust (install locally) the certificate one time in your browser. Ah, that makes sense. Next question: How do I do that? ;-) Or, more specifically, after following Manuel's instructions for using OpenSSL to generate a certificate locally, <http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=5&actionargs[]=49>, I have three files: - cert.csr - cert.pem - privkey.pem I would like to install these into my browser to make the message go away. Mozilla seems willing to import all three files (Go to Preferences / Privacy & Security / Certificates, and click the Manage Certificates button), but it is not clear to me which one(s) should get imported, or which panel of the Certificate Manager I should use to do the importing (all four panels have an Import button). If you tell me, and I get it to work, I'll write it up like the Getting Started guide (I'm thinking of a Secondary Configuration page, with a variety of topics that don't relate to servers and DMZs, plus a servers & DMZ guide), and post a URL to the list by the end of the week. Thanks! Michael -- _____________________________________________________________ Michael A. Alderete <mailto:lists dash 2003 at alderete dot com> <http://www.alderete.com> |