Opened 4 years ago
Last modified 4 years ago
#16663 new enhancement
Add a friendly certificate manager
Reported by: | amber | Owned by: | nobody |
---|---|---|---|
Priority: | normal | Milestone: | Unscheduled |
Component: | - General | Version: | R1/beta2 |
Keywords: | Cc: | ||
Blocked By: | Blocking: | ||
Platform: | All |
Description
I was surprised to find that Haiku doesn't recognize certificate files (*.cer) (*.p7b). I needed to install a security certificate on the system, but I didn't understand how to do it (or it's not obvious). Can you add a simple and convenient certificate Manager to your system? (for example, as "certmgr.msc" in Windows). If you already have such a program, please make it the default for opening *.cer and *.p7b files. Thanks
Change History (4)
comment:2 by , 4 years ago
Thanks! But I wouldn't want this system to follow the Linux path. (open a command prompt, copy the file to the "magic" path, and so on.) This is the same as in Windows, every time you go to the registry. I was interested in this OS because I think it is easier to learn than Linux. Please develop it in the same direction. "Command line" - should be a nice addition, not the main tool (as in this case).
comment:3 by , 4 years ago
Sure, I wanted to write down how it can be done currently because i don't think it is in the documentation (and would atleast give one the option to use it now)
The current UI regarding certificates is certainly not finished (or, to be more precise not started), I only added the option to have the certs in that directory to atleast be able to use them. The next thing I wanted to work on in that area is to remove the need to use openssl rehash, after that an application could simply drop a cert in that dir, e.g the cert that gets opened in the file manager, and have a ui to display the dirs content aswell.
comment:4 by , 4 years ago
hm... Is it possible, as a "first step", to add the "Install" item to the context menu of the certificate file? It would be great if this item automatically copied the certificate file and executed the "openssl rehash" command in "back end".
If you mean costum root certificates then the way is this: create /system/non-packaged/data/ssl/certs copy cert to /system/non-packaged/data/ssl/certs/cert run openssl rehash on the commandline
Sorry that it is still this complicated :)
you should be able to test with openssl s_client, and it's return code, whether the tls connection can be established then.