> Where and how does my browser ask about the cert's origin?
> How is the verification done? What is the protection mechanism against a "fake" authority?

The certificate itself. It tells you who signed it. At the top there's a CA certificate, a Certificate Authority. These CA certificates are root certificates; on FreeBSD they're included with security/ca_root_nss. It's these CA certificates you trust. If a certificate has been signed by any one of those trusted certificate authorities, then the certificate is valid. If the CA cannot be verified (or isn't trusted), then you get a certificate authority error. This typically happens with self-signed certificates. If you used self-signed certificates, then you have to make sure your browser imports that CA certificate you created and used to sign your self-signed certificates with.
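The check described in the answer above, reproduced with the openssl command-line tool as an added example (not part of the original thread). Every CA, key and certificate is generated on the spot; the names "Example Root CA" and www.example.test are constructed, and the two CAs deliberately share a name to show that the signature is what gets checked, not the name.

```shell
# Constructed demo: all names, keys and certificates are generated here.
# Assumes the openssl command-line tool is installed.

# Minimal config so each CA certificate carries basicConstraints CA:TRUE.
write_cnf() {  # $1 = work dir
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = unused
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
}

# Create a self-signed CA certificate and key: $1 dir, $2 file prefix, $3 CN
make_ca() {
    openssl req -x509 -config "$1/ca.cnf" -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$3" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# Issue a site certificate signed by a CA: $1 dir, $2 CA prefix, $3 site prefix
issue_cert() {
    openssl req -new -config "$1/ca.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=www.example.test" -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
        -CAcreateserial -days 1 -out "$1/$3.crt" 2>/dev/null
}

# Succeeds only if the certificate chains to a CA in the trusted file.
# $1 = file of trusted CA certificates, $2 = certificate to check
is_trusted() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

demo() {
    d=$(mktemp -d) || return 1
    write_cnf "$d"
    make_ca "$d" trusted "Example Root CA"     # stands in for a ca_root_nss root
    make_ca "$d" homemade "Example Root CA"    # same name, different key
    issue_cert "$d" trusted site_a
    issue_cert "$d" homemade site_b
    is_trusted "$d/trusted.crt" "$d/site_a.crt" && echo "site_a: valid"
    is_trusted "$d/trusted.crt" "$d/site_b.crt" || echo "site_b: CA error"
    is_trusted "$d/homemade.crt" "$d/site_b.crt" && echo "site_b: valid once its CA is imported"
    rm -rf "$d"
}
demo
```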