[aprssig] Who/where is the Certificate Authority for the APRS-IS servers?
curt.we7u at gmail.com
Wed Sep 24 12:35:03 CDT 2014
On Wed, 24 Sep 2014, Andrew P. wrote:
> I was working on implementing SSL support in my APRS application, and noticed that the APRS-IS servers identify themselves with certificates issued by someone other than any of the big Certificate Authorities. Where does one get the trusted root CA certificate for these servers? Is it available on a webpage somewhere (maybe where the server code is available)?
You should be able to click on the padlock when on one of these servers, look at the certificate, hit the "Details" tab and look some more. Somewhere in there should be a link to the root certificate. You should be able to click on that and get asked if you want to import and trust that certificate.
So, using Firefox right now hooked to one of our internal servers at work that uses a different trusted root:
Left-click on the padlock.
Click "More Information"
Click "View Certificate" button.
Click "Details" tab.
Under Certificate->Extensions->Authority Information Access is a line that says: "CA Issuers". It has a URL that ends in ".crt". I put that into my browser and it asks me if I want to import that certificate (Don't know the exact message right now 'cuz I already did that, just yesterday! So mine today says: "This certificate is already installed as a certificate authority."
Curt, WE7U. http://wetnet.net/~we7u
APRS Client Capabilities: http://wetnet.net/~we7u/aprs_capabilities.html
More information about the aprssig