On 08/11/09 05:01 PM, Darren J Moffat wrote: >> Instead the discussion should maybe stick to just the question of what >> the default HTTPS setting should be, whether Darren's suggestion of >> linking this case to shipping a working root CA file is appropriate, and >> how to document how to load alternate certs. >> > Lets assume there is a file that had the same set of CA certificates as > is present in firefox and it was in a format suitable for libsoup. With > that assumption is there any reason not to have HTTPS enabled with > Webkit pointing to that file ? Hi Darren,
I notice that a fast-track (PSARC/2009/430) has been created for CA (X.509) Certificates integration. Thanks a lot for working on this. With this set of CA certificates available, I think it's reasonable to enable HTTPS support for WebKit and point SOUP_SESSION_SSL_CA_FILE to "/etc/certs/cacert.pem". BTW, is there a test version of CA certificates file so that we can do some test with for WebKit? Best Regards, -Alfred