Fwd: Re: [rfc][icedtea-web] reproducer for PR905
Jiri Vanek
jvanek at redhat.com
Wed Apr 4 09:19:11 PDT 2012
On 04/04/2012 06:16 PM, Danesh Dadachanji wrote:
>
>
> On 04/04/12 12:05 PM, Jiri Vanek wrote:
>> On 04/04/2012 05:58 PM, Deepak Bhole wrote:
>>> * Jiri Vanek<jvanek at redhat.com> [2012-04-04 11:55]:
>>>> ...snip...
>>>>>>>>
>>>>>
>>>>>
>>>>> How about creating a cert, importing it and then signing everything with that
>>>>> cert?
>>>>>
>>>>
>>>> Applet is then not asking user anymore???
>>>>
>>>> If this is true than this is granzgenial:)
>>>>
>>>> It will need some logic to import the certs to browser, but it will
>>>> be needed anyway (see http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-March/017799.html
>>>> for more about browser detection)
>>>>
>>>
>>> If you choose to always trust it, yes it shouldn't ask any more.
>>
>> hmmm... Can be much harder then to control this fully-automatically.
>> (means create certificate during make is easy, sign all stuff with this certificate is easy,
>> import certificate to browsers should be
>> also easy (just cp I believe), force the browser to force this new certificate without prompt can
>> be however impossible :( )
>> If it is possible to accept it just oncetimes for all future-generated certificates - it will do
>> the job as well.
>>
>
> Can't you just add it to the keystore? That's what "Always Trust" does anyway IIRC.
>
Well it will solve the issue pretty easy!
Now just to try it:)
>> I would like to avoid one static certificate which have to be refreshed each .. some times...
>>
>>
>>>
>>> Cheers,
>>> Deepak
>>
More information about the distro-pkg-dev
mailing list