Why do I need to install the whitetrash SSL Certificate Authority (CA) certificate?
Whitetrash has its own certificate authority built-in that is used to create certificates for whitelisting SSL sites. When you request an SSL site (e.g. mail.google.com) that isn’t in the whitelist, whitetrash creates an SSL certificate for that site (*.google.com). It then redirects you to the whitetrash ‘addentry’ form using the new certificate for the domain you requested. In effect whitetrash pretends to be mail.google.com for the purpose of delivering you the form to add the domain. Having whitetrash as a trusted CA means that the user will not get SSL warnings about bad certificates each time they try to whitelist an SSL site. Once the SSL site has been whitelisted, the SSL certificate exchange is simply proxied to the actual site by squid without any involvement from whitetrash. Whitetrash does not intercept or decrypt SSL sessions with whitelisted sites – users can verify this by checking the certificate in their browser.
Related Questions
- Do I need to install any certificates in my browser to access web sites that use SSL or EV certificates issued by the InCommon Certificate Service?
- How do I create and install VT SSL Server cert for Windows 2003 Server using IIS Certificate Wizard?
- How do I install the whitetrash SSL Certificate Authority (CA) certificate in my browser?
