[CentOS] self signing certificates

Keith Keller kkeller at speakeasy.net
Tue Aug 25 04:13:08 UTC 2009

On Tue, Aug 25, 2009 at 11:38:08AM +1000, Les Bell wrote:
> Can't you install your own root certificate into the internal client
> browsers? The book "Network Security Hacks" (Andrew Lockhart, O'Reilly)
> gives a procedure for doing this (p. 112). You generate a .der file from
> the cacert.pem file, add a new mime type in the Apache config and then make
> the pem and der files available on your server. The users can now install
> the new root cert by just clicking on a link.

If you're going to go through that much trouble for Firefox 3, you might
as well just document how to add an exception to FF3 for self-signed
certificates.  :)  (The above procedure might be helpful for other
browsers where it may not be possible to add an exception as you can in


kkeller at speakeasy.net

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20090824/3df82931/attachment.sig>

More information about the CentOS mailing list