[TriLUG] CA Cert Usefulness

Brian McCullough via TriLUG trilug at trilug.org
Fri Jul 2 15:13:03 EDT 2021


On Fri, Jul 02, 2021 at 11:26:40AM -0400, Triangle Linux Users Group discussion list wrote:
> On my Devuan system, Firefox 89.0.2 (64-bit) the link takes me to the Cert
> website. It does show 'connection not secure" on the URL bar.
> johnm at 7010:~$ uname -a
> Linux 7010 4.19.0-17-amd64 #1 SMP Debian 4.19.194-2 (2021-06-21) x86_64
> GNU/Linux
> Firefox settings?

For both of you, and anybody else.

I don't know whether you are aware or not, but the CAcert Root
Certificates are not included in "commercial" browsers by default.

If you install those certificates yourself, those "error" messages will
go away.

Simply go to CAcert.org, look at the menu that is shown on the right
side, and find the item, the fourth one, labelled Root Certificate.
Click.  If you are interested in the legalities, read the License at the
top of the page.  If you like living dangerously, just charge on, and
install one of each of the Class 1 and Class 3 PKI Keys in each of your
browsers that you want to use.  As far as I know, the PEM format should
work for most people.   There are Fingerprint listings for each of those
Keys, for validation.  CAcert should show up as "Authorities" in your
browser's Certificate Management section.


I hope that this is at least a little helpful.




> john mitchell


Brian



More information about the TriLUG mailing list