On Tue, 2004-07-13 at 19:04 +0300, Timo Sirainen wrote:
On 13.7.2004, at 18:17, Colin Walters wrote:
The major problem I ran into was getting my dad and some of my friend's Windows machines to trust my CA. It involved a lot of complexity with this "mmc" program. Not to mention my dad has multiple machines, one of them at his office that I didn't have access to. The rest of my friends use Linux as I do, but even there configuring different applications to trust a certificate isn't easy.
Adding new CAs is actually pretty easy in Windows. You right click it, "install certificate", place it into "Trusted root certificates" and click ok/next a few times.
I'll take your word for it. I had just searched the Microsoft site about the issue and found an article that told me to use mmc.
I have no idea how to do it in Linux though. Does OpenSSL have some hardcoded root certificates directory, or does each program handle it in it's own way?
Both :)
On my Fedora system all the root certificates are in /usr/share/ssl/certs/ca-bundle.crt.
But there is no standard way for an unprivileged user to write to that file.
Before Evolution used to ask me constantly about my certificate, and lazy as I were I just clicked "ok". Nowadays it seems to be silent, maybe one day it started remembering it.
I think Evolution remembers the result now, and keeps it around in its own certificate cache.
If it's really as easy to install root certificates on Windows as you say, then I might give it another try.