SWT-Browser: How to load a resource using HTTPS if the certificate is untrusted?

问题

I am using the SWT Browser Widget to load the image of a webcam-server via HTTPS. Sadly the webcam-server certificate is untrusted. I tried to 2 variants to load the image:

1. Browser.setHTML(String)
   Load the image using HTML+JavaScript every second. This is the prefered way to avoid flickering. This works very fine for HTTP, if i have a HTTPS connection i will see noting at all except my alternative text.
2. Browser.setUrl(String)
   Load the image by setting the URL every second. This causes massiv flickering because of the reload, wich is unacceptable. I tried this variant with all available SWT-Browsers. If i use SWT.WEBKIT or SWT.MOZILLA (XulRunner) i have no chance at all to get the image. An dialog pop up and tell me the certificate is untrusted with no option to accept it. If i use SWT.NONE the IE is used (i am on WinXP) and the pop-up dialog ask if i want to trust the cert, after pressing OK i can see the image.

Here at Stackoverflow i found: how-to-import-a-ssl-certificate-file-with-swt-browser. But i unable to find the cert_override.txt in my XULRunner, and i am unable to find a download link for the Personal Security Manager (like many others) !

How can i allow the untrusted certificate, use variant 1 and XULRunner aka MOZILLA ? Is it possible to do it programmatically ?

回答1:

cert_override.txt is located in the user's profile. On Windows the directory for XULRunner's user profiles is %APPDATA%\<vendor>\<product>\Profiles\<something>.default, on OS X /Library/Application Support/<product>/Profiles/<something>.default, on Linux ~/.<vendor>/<product>/Profiles/<something>.default. At runtime you can use nsIDirectoryService to locate the directory (ProfD is the key for this directory).

You can either write to the user's profile directly from your application or add a copy of cert_override.txt to your XULRunner application to be copied into all user profiles created (it would have to be put under defaults/profile/cert_override.txt in the XULRunner application directory). Note that the latter will only have an effect on new profiles being created, not on profiles that already exist.

Btw, the simplest way to create a cert_override.txt file would be accepting an untrusted certificate in Firefox and then copying the entry from the Firefox profile to the XULRunner profile.

来源：https://stackoverflow.com/questions/8182897/swt-browser-how-to-load-a-resource-using-https-if-the-certificate-is-untrusted