Issac Goldstand wrote: > >> Issac wrote: > > Domi, > I'm happy it helped. You can change your opinion any time you like; > just access Firefox's certificate store and you can view the > certificates you've chosen to trust, and the revocation lists. If you > don't want to continue trusting a cert, based on what you see in the > CRL, or for any other reason, take it out of the trusted certificates > list. > > By "trusting" the cert in the browser in the first place, you're > essentially telling the browser to ignore normal rules and depend on you > (as the human user) to determine the certificate's validity and > authenticity. > As the browser has no way of knowing why you know the certificate is > safe in the first place, it makes no assumptions for you as to when to > stop trusting it. > > Issac > > Hello Issac, I just thought about it and tested a bit (before reading your last message). I think that I made the mistake trying to access the site before importing the CA certificate into my browser. So the browser asks me whether to trust the certificate of my site. When I import the CA certificate in the forefront of accessing the site the browser this question won’t come later. I think I’ll stop here for today because I was busy on this for quite a long time and my head feels a bit dizzy. Tomorrow morning I’ll continue here and let you know about my progress. All comments are welcome in the meanwhile. best regards domi PS: Again my thank to Issac. By the way you wrote <You can change your opinion any time you like; just access Firefox's certificate store and you can view the <certificates you've chosen to trust, and the revocation lists. Where is this store or do you mean what you see under settings-advanced-encryption in the browser? But I'm not able to see the details of the CRL or is this possible? An answer would be nice because (as I said) I'm too dizzy to search. Otherwise I will search tomorrow one my own. -- View this message in context: http://www.nabble.com/Problem-with-revoked-certificates.-tf3169656.html#a8793797 Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|