SSL Certificates on OSX (Dar :)
Dave Cragg
dcragg at lacscentre.co.uk
Mon Jan 9 06:35:24 EST 2006
On 6 Jan 2006, at 14:57, David Bovill wrote:
> Has anyone used SSL certificates on OSX with Rev?
A little. So this is definitely not expert advice.
>
> I have created and downloaded a certificate from www.cacert.org but
> I am not sure if this is what is required. The file is
> david at openpartnership.net.crt and not a .pem file. Also I am not
> sure where to put it or how to work with keychain access - any
> pointers?
David, what is it you want to do with this certificate? Use it to
provide your own secure web server, or to verify connections to https
sites secured with certificates issued by CAcert? I'm assuming the
latter. If that's right, then I *think* you will need a different
certificate. I'm guessing the certificate you mention above is your
personal certificate for securing websites, mail, etc.
I tried this:
From the following url
https://www.cacert.org/index.php?id=3
download the Class 1 (PEM format) Root Certificate. (This will be a
file named "root.crt")
Then set the sslCertificates to this file:
set the sslCertificates to "/whatever/root.crt"
Then to test, try to connect to ths test url: https://www.cacert.org/
put url "https://www.cacert.org/" into tData
if the result is not empty then
answer the result
else
answer "seem to be working"
end if
There should be no need to use libUrlSetSSLVerification. It is true
by default, but if you have previously set it to false, then you
should reset it to true. It certainly won't harm to specifically set
it to true.
I had some mixed success with this root.crt file. I could connect
more often than not to the test url, but I also got a lot of socket
timeouts. (on OS X 10.4.3)
Good luck!
Dave
More information about the use-livecode
mailing list