Am 20.03.2012 10:47, schrieb Adi Kriegisch:
> Hi!
>
>> It seems to me that mozilla decided (for Version 10 at least) to only
>> allow plugin updates from https sites signed by builtin CA. How are all
>> the sogo user using automatic updates? Do you use official certs only?
>> are there users of self made cert chains for the update server?
> We run our own PKI and use
> || force_bool_pref("app.update.cert.requireBuiltIn", false);
> in integrator to allow updates from our site.
Thanks, but still no success. I added this line to my 10.0.1 integrator
xpi and update it manually. It is set according to my configuration. But
the missing connector plugin is not updated (same error message as
before: certificate is not builtin). This is tested on a windows
machine. I will test this in linux as well.
in my web server log I can see that thunderbird runs
"GET /plugins/SOGo/sogo-connector-10.0.1.xpi HTTP/1.1"
and the plugin is there.
Are there any other settings to be done?
>
> We, however, require our users to manually install our certificate
> authority because we found no easy way to deploy our CA within Thunderbird
> or remove some of the other CAs like cnnic. Mozilla and certificate
> authorities is kind of a sad story...
Yes, definitely. If it is only me, manual update and cert installation
is not the problem, but some of my users don't want to do these things.
In their eyes Computers are to make things easy.
Martin
>
> -- Adi
--
users@sogo.nu
https://inverse.ca/sogo/lists
