Date: Sat, 5 Jan 2013 12:45:13 -0500 From: "J.R. Oldroyd" <fbsd@opal.com> To: Yuri <yuri@rawbw.com> Cc: freebsd-chromium@freebsd.org Subject: Re: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? Message-ID: <20130105124513.29173323@shibato> In-Reply-To: <50E7D85F.4080006@rawbw.com> References: <50E7882A.1030302@rawbw.com> <20130104221348.34923f5a@shibato> <50E7D85F.4080006@rawbw.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 04 Jan 2013 23:38:07 -0800 Yuri <yuri@rawbw.com> wrote: > On 01/04/2013 19:13, J.R. Oldroyd wrote: > > For certificates that were distributed with the browser, you can > > click the "Edit" button and disable the three Trust boxes which > > essentially turns off the certificate. > > For the matter of testing, I disabled all Thawte* certificates. > And https://google.com still shows without a problem and says that > its identity is verified by Thawte SGC CA. > > Yuri The certificate hierarchy for the google.com certificate shows that it is signed by the two "Verisign Class 3 Public Primary Certification Authority" certificates. If you uncheck the box for "Trust for verifying web sites" for these two certificates, then reload the https://google.com page, the browser is no longer able to verify the certificate. -jr
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130105124513.29173323>