Re: Remove an "Always Trust" permission from OpenJDK/IcedTea Plugin
On Mon, Apr 18, 2011 at 6:06 PM, adris <adris1@t-online.de> wrote:
> Hi,
>
> how can you undo the permission "Always Trust this Publisher", once you
> checked that box for a signed applet in Iceweasel.
(Shooting from the hip, here, but, ...) I think the quickest way is to
remove the corresponding certificate.
You go to the settings item in the edit menu, I don't remember the
name of the group in English, but it should be something like
miscellaneous or high-level or advanced or something. It's not in the
security, contents, program, or privacy group, where you might expect
it.
There will be several tabs within that advanced (or whatever) group,
look for the encryption tab. Note that there's a list for invalidated
certificates, and click the show certificates button.
Yeah, you'll see more than a few of those certificates that you'll
want to consider carefully whether you really want them in your trust
list, but you should also find the certificate that has the signature
that you don't want to trust after all. And you can probably delete
it.
There may be situations where you have a notice of invalidation, in
those cases, you would want to add the invalidated certificate(s) to
the list of invalidated certificates so you don't accidentally import
the bad certificate later.
> The applet is being
> loaded with the IcedTea6 Plugin and run by OpenJDK-6-JRE.
Another possibility is to get out the Java policy management tools and
enter a policy of not trusting the signature source. I'm not
remembering where they are, but they would be in the system
adminstration or settings (launcher) menu, rather than in the
browser's menus, I think.
> iceweasel 3.5.16-6
> icedtea6-plugin 6b18-1.8.3-2
> openjdk-6-jre 6b18-1.8.3-2+squeeze1
>
>
> Thanks,
> adris
>
Reply to: