How trusted CA certificate can be installed on my device?

I want to make my own trusted root CA. Then i will make clients who will get certificates from my CA for secured communication . But for verifying the certificates by clients issued by server, they should have CA's own certificate which contains public key of CA and it should be preinstalled in all clients. How can i install my CA's certificate installed securely on all clients (ie my clients would be computer systems).


It's entirely up to you. A standard browser comes with a list of pre-installed root CA certificates which it can use to build its own web of trust. You can follow this approach and hard code your certificate into your client. The disadvantage is if you want to change your certificate between build and installation. You could keep the certificate on the server and get the client to contact you to fetch it on installation. The problem with this is the vicious cycle of proving that you are the correct person to provide the certificate, if the client doesn't have your certificate to do so.

链接地址: http://www.djcxy.com/p/21788.html

上一篇: 什么使SSL安全?

下一篇: 如何在我的设备上安装可信的CA证书?