Sujet : Re: Chromium and self-signed certificates
De : <bp (at) *nospam* www.zefox.net>
Groupes : comp.sys.raspberry-piDate : 02. Sep 2024, 23:05:11
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <vb5cqm$30i3d$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9
User-Agent : tin/2.6.2-20221225 ("Pittyvaich") (FreeBSD/14.0-RELEASE-p9 (arm64))
Lawrence D'Oliveiro <
ldo@nz.invalid> wrote:
On Sun, 1 Sep 2024 16:12:50 -0000 (UTC), bp wrote:
In principle it would make sense to make a root CA for the three domains
(zefox.com, zefox.net and zefox.org) under my control but if I disturb
that one CA up all three become unreliable.
If these are names intended to be accessed by the general public, then you
need certs signed by official CAs that are trusted as standard by the
browsers that the general public uses.
Setting up your own private CA only works for authentication between
machines that you control.
I understand that's the general intention, but can't browsers be told
to trust a particular self-signed certificate by a user? That's what
I was trying to do in my initial experiment, but apparently didn't
construct the certificate correctly. If there's something else I'm doing
wrong it'd to good to know now. The facility to export and import
certificates to Chromium under Raspian Bookworm seems to suggest so.
Thanks for writing, and again for your patience!
bob prohaska
Chromium and self-signed certificates
Re: Chromium and self-signed certificates
