[jitsi-issues] [JIRA] Commented: (JITSI-944) StartCom certificate in cacerts file

dpocock (JIRA) jira-no-reply at java.net
Sun Aug 21 16:38:36 CEST 2011


    [ http://java.net/jira/browse/JITSI-944?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=319343#action_319343 ] 

dpocock commented on JITSI-944:
-------------------------------

Similar to JITSI-977

> StartCom certificate in cacerts file
> ------------------------------------
>
>                 Key: JITSI-944
>                 URL: http://java.net/jira/browse/JITSI-944
>             Project: jitsi
>          Issue Type: New Feature
>          Components: deployment
>    Affects Versions: current
>         Environment: Windows, possibly others where the JRE runtime is included
>            Reporter: rajkosto
>            Priority: Minor
>         Attachments: cacerts
>
>   Original Estimate: 2 minutes
>  Remaining Estimate: 2 minutes
>
> Jitsi uses it's own JRE runtime, which includes a trusted CA store, but that CA store doesn't include the StartCom CA, which is popular for xmpp servers, so every time i connect to my xmpp server i get a certificate warning. Adding the StartCom CA to the cacerts keystore in jre/lib/security fixed the problem, untill Jitsi performed it's daily autoupdate, trampling the file with the original again.
> Could you please include StartCom certificate into the shipped CA store ? (Firefox and other browsers include it, so it should be secure enough)
> It only takes a few minutes, like so:
> wget http://www.startssl.com/certs/ca.crt
> keytool -import -trustcacerts -alias startcom.ca -file ca.crt -keystore cacerts
> wget http://www.startssl.com/certs/sub.class1.server.ca.crt
> keytool -import -alias startcom.ca.sub -file sub.class1.server.ca.crt -keystore cacerts
> I've included the modified castore that includes the StartCom CA inside of it in the attachment

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://java.net/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        




More information about the issues mailing list