maemo.org Bugzilla – Bug 1528
Cannot add a trusted certificate to Web Browser
Last modified: 2009-09-21 13:23:41 UTC
You need to
before you can comment on or make changes to this bug.
It seems as though there is no way to add a certificate as trusted "against
Opera's will" even if one has a reason for doing so (employer/school has own
root CA, etc). For example, I would like to add the SNC root certificate from
http://www.snc.edu/compserv/handouts/rootcert.htm but it just downloads the
file, and the seemingly-unrelated Certificate Manager in the control panel
doesn't do anything with that file.
Is this related to bug #1268?
The certificate manager is theoretically integrated with the installed browser.
However, in my experience, most certificates people try to use don't work. Half
the time the problem is with the certificate (most certificates floating around
aren't valid), and half the time, certman is just broken.
Ryan, I'd love to test this against MicroB again before closing as WONTFIX
(because Opera is no longer used in Diablo and there will be no changes to the
package.) but the URL doesn't work anymore.
Is this still an issue in Diablo, or can you provide an updated URL so I can
test myself? Thanks.
Here's the new link.
we're going to replace certman with a pkcs11 module for fremantle, at this time
afaict installing a certificate requires certutil or just copying your certdb
1. load http://www.cacert.org/index.php?id=3
2. click Password Login <https://www.cacert.org/index.php?id=4>
3. click cancel in the alert dialog (or in firefox, go back)
4. click Intermediate Certificate (PEM Format)
- in firefox, you're prompted to install the certificate, in microb diablo we
seem to do nothing (you don't want to know the story behind this, it's much
better than what we did earlier) - for consistency, in firefox, click cancel
5. click Intermediate Certificate (DER Format)
- in firefox, you're asked what to do w/ the file (nss is apparently not
registered for DER)
- in microb, you're asked if you want to install it w/ certman
6. install it w/ certman
7. if you're in firefox, go back and install the pem
8. in either case, trust for web sites
9. try the password login link from 2 again
- in firefox it works, in microb it doesn't.
anyway, there's a project, I saw the pkcs11 module yesterday and it was
basically working. i don't know if we'll try to backport it.
(In reply to comment #4)
> for testing:
> 1. load http://www.cacert.org/index.php?id=3
cacert site certificate section is down at the moment; I can provide an
and root certificate
(sha1 fingerprint: D8EF2DDA 72227A38 4A2D9277 F5652CB7 030651FC)
A section of the same site is set for ssl client auth, i can provide a test
client cert if you want.
*** Bug 3792 has been marked as a duplicate of this bug. ***
Fixed in Fremantle. Root certificates can be added by downloading them as files
and starting installation by the File Manager. The integration with the browser
is not as smooth as it should be (clicking a link that points to a certificate
leads to an error, in stead you have to tap the link and select "save as", then
get rid of the .html-extension appended automatically), but is possible.