Alfred Peng wrote: > On 08/11/09 05:01 PM, Darren J Moffat wrote: >>> Instead the discussion should maybe stick to just the question of what >>> the default HTTPS setting should be, whether Darren's suggestion of >>> linking this case to shipping a working root CA file is appropriate, and >>> how to document how to load alternate certs. >>> >> Lets assume there is a file that had the same set of CA certificates as >> is present in firefox and it was in a format suitable for libsoup. With >> that assumption is there any reason not to have HTTPS enabled with >> Webkit pointing to that file ? > Hi Darren, > > I notice that a fast-track (PSARC/2009/430) has been created for CA > (X.509) Certificates integration. Thanks a lot for working on this. > > With this set of CA certificates available, I think it's reasonable to > enable HTTPS support for WebKit and point SOUP_SESSION_SSL_CA_FILE to > "/etc/certs/cacert.pem". > > BTW, is there a test version of CA certificates file so that we can do > some test with for WebKit?
Use this for your testing: http://curl.haxx.se/ca/cacert.pem -- Darren J Moffat
