signtool docs advise publishing your self-signed test code signing cert for others to import

NEW
Unassigned

Status

NSS
Documentation
--
major
9 years ago
9 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

The documentation for the signtool program (including the README file in the
sources) explains how to generate a self-signed test cert and output it to a
file named x509.cacert.  The reader is advised:

> x509.cacert can be published on a web page and imported into browsers 
> that visit that page.

recent postings in mozilla.dev.tech.crypto indicate that users are doing 
just that!

AAARRRGGGHHH!!!
You need to log in before you can comment on or make changes to this bug.