Page 1 of 1
SSL wildcard certificate does not match - How to trust ?
Posted: 25 Aug 2010 11:49
by chownes
Hello,
I am wondering how to trust a certificate manually in VLC.
My purpose is to open a stream over https. The common name of the certificate sent by the remote site is
which does not match
So I would like to tell VLC that this certificate can be trusted. This can be done easily in Firefox for instance (it offers to add a security exception). How do you do it in VLC ?
--
Re: SSL wildcard certificate does not match - How to trust ?
Posted: 27 Aug 2010 04:31
by Rémi Denis-Courmont
You can't. You need to add the root CA to the CA list.
Re: SSL wildcard certificate does not match - How to trust ?
Posted: 27 Aug 2010 15:13
by chownes
The necessary arrangements with a Root CA file have been made (with the Stream Output preference and a file in PEM format).
The problem lies with the wildcard mechanism for the last certificate in the chain.
Re: SSL wildcard certificate does not match - How to trust ?
Posted: 28 Aug 2010 03:14
by Rémi Denis-Courmont
Matching names is done inside libgnutls. VLC is not involved there.
Re: SSL wildcard certificate does not match - How to trust ?
Posted: 29 Aug 2010 23:18
by chownes
I posted to the gnutls mailing list, here is a reply to my post:
http://article.gmane.org/gmane.network. ... neral/2111
Is there already a way to tell VLC not to check the name on the certificate, or is there a need to modify VLC ?
Re: SSL wildcard certificate does not match - How to trust ?
Posted: 30 Aug 2010 01:11
by Rémi Denis-Courmont
No and yes.