|
General background:
There is a certificate store of trusted certificates from certificate authorities. When you purchase a code signing certificate, the issuer will verify that you are who you say your and sign your certificate with their signature, establishing a chain
of trust: https://en.wikipedia.org/wiki/Chain_of_trust. If an application encounters a certificate that is not in its certificate store and does not have a chain of trust based on one of the certificates
in the certificate store, then you'll get a warning. You can choose to ignore that warning.
To prevent the user from getting a warning when he encounters that same (untrusted) certificate again, the user has to add the certificate to his certificate store. In some cases, like with your web browser, the application may give the user the ability
to add the untrusted certificate to a store of trusted certificates. If the app doesn't provide that option, the user will need to perform those steps separately, using OS or application-specific tools.
For Eclipse:
I don't remember whether Eclipse is just checking against the JVM's cacerts certificate store or whether it eventually goes back to the operating system's certificate store somehow. I believe that it's *only* checking the JVM's certificate store. If
that's true, then you just need to follow instructions for importing certificates to the JVM. For example,
---Tom
On 2/25/16, 2:20 PM, "tycho-user-bounces@xxxxxxxxxxx on behalf of Bruno Medeiros" <tycho-user-bounces@xxxxxxxxxxx on behalf of
bruno.do.medeiros@xxxxxxxxx> wrote:
|
↧
Re: [tycho-user] Using self signed certificates for plugins: the certificate is not stored?
↧