Fwd: Re: [rfc][icedtea-web] reproducer for PR905
jvanek at redhat.com
Wed Apr 4 09:05:27 PDT 2012
On 04/04/2012 05:58 PM, Deepak Bhole wrote:
> * Jiri Vanek<jvanek at redhat.com> [2012-04-04 11:55]:
>>> How about creating a cert, importing it and then signing everything with that
>> Applet is then not asking user anymore???
>> If this is true than this is granzgenial:)
>> It will need some logic to import the certs to browser, but it will
>> be needed anyway (see http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-March/017799.html
>> for more about browser detection)
> If you choose to always trust it, yes it shouldn't ask any more.
hmmm... Can be much harder then to control this fully-automatically.
(means create certificate during make is easy, sign all stuff with this certificate is easy, import
certificate to browsers should be also easy (just cp I believe), force the browser to force this
new certificate without prompt can be however impossible :( )
If it is possible to accept it just oncetimes for all future-generated certificates - it will do
the job as well.
I would like to avoid one static certificate which have to be refreshed each .. some times...
More information about the distro-pkg-dev