Forum Discussion
Option to safely yet simply add exceptions for java, flash and self signed certs?
Oh it's alright, I don't use Firefox much but I know the universal and correct way to trust any Certificate Authority, including the self singed certificate, is this way:
- In Windows RUN, enter "certlm.msc" (with Admin rights)
- navigate to the Trusted Root Certificate Authorities store (should be the 2nd from top)
- right-click anywhere and select import then browse for your self signed certificate CA.
to get this certificate you need to go to the computer/server where you generated the self signed certificate, go to its Trusted Root Certificate Authorities store and export it. now when exporting, you should first decide if it's going to be used on a server or client. if it's a server then export with private key, if it's a client don't export with private key.
You're right, almost all companies and developers that provide support for their clients have/will have provided the update for Flash removal by that time.
though there are some 3rd party emulators for Flash but since it won't be getting any more security updates from Adobe, the security risk is fairly high.
Thank you for expanding on that for me. TBH I don't know much about the inner workings of how browsers interact with the OS and other add ins.
Please correct me where I'm wrong, but didn't Firefox provide a really simple way to add the cert or site to trusted list of the computer right from the "Site not safe" warning dialog?
Let's say the site doesn't load due to self signed or old cert, then I could click on the lock icon, get the information and a place that says something to the effect of "advanced" or "developer" where I could choose to allow that cert from the site or maybe anything from that site, because it know it's a little web enabled device serving up a simple web console or interactive site. Add a warning that says, "Don't do this unless you trust the site; you are making your computer vulnerable to attacks and your antivirus won't be able to help you."
I understand why people are moving away from Flash, but not supporting it at all seems a little brash. On the bright side I cannot think of many embedded systems with Flash code that don't have firmware updates available.
Oh it's alright, I don't use Firefox much but I know the universal and correct way to trust any Certificate Authority, including the self singed certificate, is this way:
- In Windows RUN, enter "certlm.msc" (with Admin rights)
- navigate to the Trusted Root Certificate Authorities store (should be the 2nd from top)
- right-click anywhere and select import then browse for your self signed certificate CA.
to get this certificate you need to go to the computer/server where you generated the self signed certificate, go to its Trusted Root Certificate Authorities store and export it. now when exporting, you should first decide if it's going to be used on a server or client. if it's a server then export with private key, if it's a client don't export with private key.
You're right, almost all companies and developers that provide support for their clients have/will have provided the update for Flash removal by that time.
though there are some 3rd party emulators for Flash but since it won't be getting any more security updates from Adobe, the security risk is fairly high.