On Sun, Apr 17, 2011 at 11:18:00AM +0200, Tomas Bodzar wrote: > On Sun, Apr 17, 2011 at 11:04 AM, Marco Peereboom <[email protected]> wrote: > > Not correct. > > > > On openbsd use "ssl_ca_file = /etc/ssl/cert.pem" per the example in the > > config file. ??The ~/.xxxterm/certs/ directory is where certs are saved > > to when prompted by the user. > > Then question is why if it's set "my way" it shows in address bar blue
Because you saved it. Not because you point to that directory. > color for correct certs and yellow when untrusted because man says > that it must be green. But will try correct way if color will be > green. It will be if the cert is trusted. > > > > > On Sun, Apr 17, 2011 at 08:05:42AM +0200, Tomas Bodzar wrote: > >> On Sun, Apr 17, 2011 at 7:39 AM, Tomas Bodzar <[email protected]> > >> wrote: > >> > Hi all, > >> > > >> > as stated in man page for xxxterm: > >> > > >> > ssl_ca_file B ??B ??B ??B ??B ??B ??B ??B ??If set to a valid PEM file > >> > all server > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??certificates will be validated against > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??it. B The URL bar will be colored green > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??when the certificate is trusted and > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??yellow when untrusted. > >> > > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??If ssl_ca_file is not set then the URL > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??bar will color all HTTPS connections > >> > B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B ??B > >> > ??B ??red. > >> > > >> > > >> > it looks like it's able to autenticate only against PEM file, but > >> > certs are stored as ASCII text in .xxxterm/certs so what's the correct > >> > setting for that? > >> > >> yep > >> > >> ssl_ca_file = /home/username/.xxxterm/certs/ > >> > >> is all you need. Just not proper wording in man page.
