Just being a security PITA here, but that solution makes the security of their systems subject to whatever safeguards you do or do not put on yours.
If I can extract the CA private key from your PC than it is trivial for me to create a www.chase.com certificate that will be trusted by their browsers without any question, and mount a man-in-the-middle attack on their banking. CM On Mon, 28 Aug 2023 16:23:55 -0700, Tom Brennan <[email protected]> wrote: >Does that work? In the past when I created a self-signed cert (for >Apache on Linux), adding it to the trusted certs didn't work (at least >in Chrome). I still got the evil warnings. I ended up creating my own >CA, used that to sign the web cert, and then copied the CA to the >trusted certs in Chrome. Then I gave out the CA to the folks I work >with who needed to access the web page, and they did the same. That was >easy and cheap for a small group of known users. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
