Jerry Geis geisj@pagestation.com wrote:
Was just trying to find a way so that users that "dont know" what this box is that is poping up wont even see the box. <<
Can't you install your own root certificate into the internal client browsers? The book "Network Security Hacks" (Andrew Lockhart, O'Reilly) gives a procedure for doing this (p. 112). You generate a .der file from the cacert.pem file, add a new mime type in the Apache config and then make the pem and der files available on your server. The users can now install the new root cert by just clicking on a link.
(Sorry if this has already been covered - I wasn't paying attention to the earlier discussion).
Best,
--- Les Bell [http://www.lesbell.com.au] Tel: +61 2 9451 1144
On Tue, Aug 25, 2009 at 11:38:08AM +1000, Les Bell wrote:
Can't you install your own root certificate into the internal client browsers? The book "Network Security Hacks" (Andrew Lockhart, O'Reilly) gives a procedure for doing this (p. 112). You generate a .der file from the cacert.pem file, add a new mime type in the Apache config and then make the pem and der files available on your server. The users can now install the new root cert by just clicking on a link.
If you're going to go through that much trouble for Firefox 3, you might as well just document how to add an exception to FF3 for self-signed certificates. :) (The above procedure might be helpful for other browsers where it may not be possible to add an exception as you can in FF3.)
--keith
-
Keith Keller -
Les Bell