|Re: [tycho-user] Using self signed certificates for plugins: the certificate is not stored?|
There is a certificate store of trusted certificates from certificate authorities. When you purchase a code signing certificate, the issuer will verify that you are who you say your and sign your certificate with their signature, establishing a chain of trust: https://en.wikipedia.org/wiki/Chain_of_trust. If an application encounters a certificate that is not in its certificate store and does not have a chain of trust based on one of the certificates in the certificate store, then you'll get a warning. You can choose to ignore that warning.
To prevent the user from getting a warning when he encounters that same (untrusted) certificate again, the user has to add the certificate to his certificate store. In some cases, like with your web browser, the application may give the user the ability to add the untrusted certificate to a store of trusted certificates. If the app doesn't provide that option, the user will need to perform those steps separately, using OS or application-specific tools.
I don't remember whether Eclipse is just checking against the JVM's cacerts certificate store or whether it eventually goes back to the operating system's certificate store somehow. I believe that it's *only* checking the JVM's certificate store. If that's true, then you just need to follow instructions for importing certificates to the JVM. For example,
Back to the top