Hello Bertrand, Am 2009-09-11 13:03:09, schrieb Bertrand Yvain: > This cannot work. The client should have the CA certificate before > SSL/TLS handshake. You'll have to find a way to offer the certificate > beforehand. > > This can be done over HTTP by sending your CA certificate with > application/x-x509-ca-cert MIME type (grep x509 /etc/mime.types). > Decent client software should then ask the user if she wants to install > the certificate as trusted. So, my website need a redirection? Is there a possibility for the server to check whether a CERT is already installed? I mean, if a user connect to my HTTP website, a script could check for the existence of my enterprise cert and if it is not already installed open a windows which offer the download. This is what happen to me several times on different websites... But what me let puzzeling is, that I connected to a HTTPS website and a PopUp (Firefox) opened with the message that the Website is encrypted and a suitable cert is not installed on my system and that the website offer to download the cert. I accepted and a new Dialog (from Firefox) opened where I can check the thing and ACCEPT/DECLINE it. This is what I like to have. Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ ##################### Debian GNU/Linux Consultant ##################### <http://www.tamay-dogan.net/> Michelle Konzack <http://www.can4linux.org/> Apt. 917 <http://www.flexray4linux.org/> 50, rue de Soultz Jabber linux4michelle@jabber.ccc.de 67100 Strabourg/France IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947 ICQ #328449886 Tel. FR: +33 6 61925193
Attachment:
signature.pgp
Description: Digital signature