On Tue, Aug 25, 2009 at 11:38:08AM +1000, Les Bell wrote: > > Can't you install your own root certificate into the internal client > browsers? The book "Network Security Hacks" (Andrew Lockhart, O'Reilly) > gives a procedure for doing this (p. 112). You generate a .der file from > the cacert.pem file, add a new mime type in the Apache config and then make > the pem and der files available on your server. The users can now install > the new root cert by just clicking on a link. If you're going to go through that much trouble for Firefox 3, you might as well just document how to add an exception to FF3 for self-signed certificates. :) (The above procedure might be helpful for other browsers where it may not be possible to add an exception as you can in FF3.) --keith -- kkeller at speakeasy.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20090824/3df82931/attachment-0005.sig>