Element-web: Add a way to trust self-signed certs

Certainly we can't do this in the in-browser app, as it's very much up to the browser.

I doubt we can do it for the electron app either, but maybe @dbkr knows differently.

At the end of the day, Letsencrypt is a thing, and probably a better solution than self-signed certs anyway.

This might help: http://electron.atom.io/docs/api/app/#event-certificate-error

So it'd be possible to subscribe to that event and then, well, either verify it or not, based on user input

Hello, im not too sure where the code for that would go i tried editing it into the main.js but when i do the console no longer shows the insecure error but it still shows the trusted error on the main app.

Nevermind i gave lets encrypt a go and it worked out beautifully.

I also have this problem. Let's encrypt is not an option for me (DS-Lite and DynDNS problems).

@tschopo what OS?

Ubuntu 16.04

Linux is the difficult one in this case sadly

why is that?

because for Windows and Mac electron supports firing the System UI for trusting certificates. For Linux we would need to write our own code for that

Just tried under windows 8.1. Here there is also no way to trust the certificate.

I didn't say its being called. I'm saying it CAN be, its a feature of Electron, for Linux it doesn't support it so would require a lot more work. In Windows/Mac you can trust it using the OS System settings and it'll work anyway, in Linux I don't think thats guaranteed to work

I can work around this issue by adding --ignore-certificate-errors when starting riot-web.

It's probably more likely blocked on upstream support

I cant use the Windows Desktop 0.17.3 because of self signed certificate warning. the --ignore-certificate-errors does not Work with Windows. How can we use the beta riot Windows Client with self signed certificates?

Trust the cert in a browser / the os itself

By OS may be working but why in 'a' browser? There should be no link between Firefox (for example) and the Windows App. I should also working like the android App to trust easily self signed certificates.

Browsers should add it to Windows certificate store which the chromium engine inside the windows app will read from

No. FF for Example has its own certificates management and nothing to do with Windows certs. IE 11 want not load the site with the error: DLG_FLAGS_INVALID_CA DLG_FLAGS_SEC_CERT_CN_INVALID I guess IE11 can manually add his cert with some mouseclicks, but there is no cert-automatism.

Hi,

are there any news on this topic. We need that feature for our intern matrix server. We don't have the server connected to the internet so Let's Encrypt is no option.

Regards Martin

Same here! Please add an option to import own CAs!

Same here. Our users VPN in to use riot against local matrix (synapse) server. Any updates?

Espero que mas delante puedan darle la opcion de poder aceptar o no los certificados