Friday 22nd of May 2015 08:00:12 EST
Want to help us out? Bitcoin: 1EZTVtpeNttqdDayh3D98nfQYybeZhu5YV



Login Register
[ Forum » Admin's Corner » Thread ]

[#97472] Written by: slad007 [30/06/08, 06:22]
Action: [ Reply ] [ Quote ]
note: this post was written in 2008 and it no longer applies. (bf 2014.01.19)


you can access your favorite eztv site now also through a secure layer so nobody
can peek into what you are browsing

now we put some free certificate on the server as the paid ones are really

to be able to access you need to follow following instructions

internet explorer

a. installation using activex (for a single user)

this won't work with windows vista!

1.go to the cacert root certificate website:
2. click on 'click here if you want to import the root certificate into
microsoft internet explorer'
3. check that the certificate matches the following:

sha1: 135cec36 f49cb8e9 3b1ab270 cd808846 76ce8f33
md5: a61b375e 390d9c36 54eebd20 31461f6b

1. click on yes.

b. manual installation (for a single user)

if you want to install the cacert root certificate manually into internet
explorer do the following:

1.go to the cacert root certificate website:
2. download the 'root certificate' and the 'intermediate certificate' (choose
either der or pem format - it doesn't matter)
3. open the windows key store: view -> tools -> internet options -> content
-> personal -> certificates
4. choose the trusted root certification authorities tab.
5. import the certificates you downloaded.

note: this procedure only adds the cacert certificates to the current user! if
you have multiple user accounts have a look at the next section.

c. import into microsoft windows for multiple users

if you have more than one account on your computer you don't want to install the
cacert root certificate for every single user. therefore you can manually import
the cacert root certificates into the local machine store. this procedure works
only for microsoft programs (e.g. internet explorer and outlook), so you will
also need to import the certificate into non-microsoft browsers and e-mail programs.

1.go to the cacert root certificate website:
2. download the 'root certificate' and the 'intermediate certificate' (choose
either der or pem format - it doesn't matter)
3. log in as an administrator
4. click the windows start button and choose run
5. type mmc, then hit enter
6. from the new window open the file menu and choose add/remove snap-in...
7. click the add button
8. choose the certificates item from the listbox and click the add button
9. choose the computer account radio button and click the next button
10. choose the local computer radio button and click the finish button
11. click the close button
12. click the ok button
13. expand the tree to view trusted root certification authorities node
14. right click on the trusted root certification authorities
15. find the all tasks menu item then choose import off that menu and click next
16. type in, or browse to certificate you previously downloaded and click next
17. verify that the radio box labeled place all certificates in the following
store is checked and that text box says trusted root certification authorities
18. click next and then finish

at this point you should get a message saying the import was successful, and you
can close the mmc window.


firefox uses it's own certificate manager. so even if your windows (and other
microsoft) applications already use a root certificate firefox still might not.

importing the cacert root certificate

1. go to the cacert root certificate website:
2. click on 'root certificate (pem format)' 1
3. you'll get:

you have been asked to trust a new certificate authority (ca).
do you want to trust "ca cert signing authority" for the following purposes?
[ ] trust this ca to identify web sites.
[ ] trust this ca to identify email users.
[ ] trust this ca to identify software developers.
before trusting this ca for any purpose, you should examine its certificate
and its policy and procedures (if available).
[view] examine ca certificate

4. you should click on view to check the certificate. most important is that
you check the fingerprints of the certificate 2. they should match the following:

sha1 fingerprint: 135c ec36 f49c b8e9 3b1a b270 cd80 8846 76ce 8f33
md5 fingerprint: a6:1b:37:5e:39:0d:9c:36:54:ee:bd:20:31:46:1f:6b

5. close the certificate viewer and tick at least the first box ('trust this
ca to identify web sites.').
6. press ok.
7. click on "class 3 pki key, intermediate certificate (pem format)" on the
cacert root certificate website.
8. click the "view" button and verify the fingerprints and owner.

fingerprint sha1: db:4c:42:69:07:3f:e9:c2:a3:7d:89:0a:5c:1b:18:c4:18:4e:2a:2d
fingerprint md5: 73:3f:35:54:1d:44:c9:e9:5a:4a:ef:51:ad:03:06:b6

9. select all "trust this ca to ..." checkboxes and click "ok".
10. that's it

installing the crl

1. click the 'revocation lists' button in tools->options->advanced->encryption
to open the manage crl window.
2. once there, click the "import" button, then enter the url .
3. click "ok", and set the automatic update preferences accordingly. note: it
may take a few moments to import the crl after you click "ok".

if you want to check, modify, or delete the cacert root certificate you can
access it at any time via:

1. open edit -> preferences -> advanced
open tools -> options -> advanced
2. certificates -> manage certificates
3. authorities
4. the cacert certificate is called root ca (scroll down to 'r'!)
5. here you can view, edit and delete it.

more info on other clients

happy safe surfing

the eztv team
ipv6 ready