Add a friendly certificate manager

[amber]

I was surprised to find that Haiku doesn't recognize certificate files (*.cer) (*.p7b). I needed to install a security certificate on the system, but I didn't understand how to do it (or it's not obvious). Can you add a simple and convenient certificate Manager to your system? (for example, as "certmgr.msc" in Windows). If you already have such a program, please make it the default for opening *.cer and *.p7b files. Thanks

[nephele]

If you mean costum root certificates then the way is this:

• create /system/non-packaged/data/ssl/certs
• copy cert to /system/non-packaged/data/ssl/certs/cert
• run openssl rehash on the commandline

Sorry that it is still this complicated :)

you should be able to test with openssl s_client, and it's return code, whether the tls connection can be established then.

[amber]

Thanks! But I wouldn't want this system to follow the Linux path. (open a command prompt, copy the file to the "magic" path, and so on.) This is the same as in Windows, every time you go to the registry. I was interested in this OS because I think it is easier to learn than Linux. Please develop it in the same direction. "Command line" - should be a nice addition, not the main tool (as in this case).

[nephele]

Sure, I wanted to write down how it can be done currently because i don't think it is in the documentation (and would atleast give one the option to use it now)

The current UI regarding certificates is certainly not finished (or, to be more precise not started), I only added the option to have the certs in that directory to atleast be able to use them. The next thing I wanted to work on in that area is to remove the need to use openssl rehash, after that an application could simply drop a cert in that dir, e.g the cert that gets opened in the file manager, and have a ui to display the dirs content aswell.

[amber]

hm... Is it possible, as a "first step", to add the "Install" item to the context menu of the certificate file? It would be great if this item automatically copied the certificate file and executed the "openssl rehash" command in "back end".