OSX gave me headaches today. This short article shows you how to teach your mumble client to use a SSL certificate. If you encounter the term Firefox and think what the heck I am doing, please take a look at the mumble page:
Please export the certificate using Firefox. Chrome and Safari [and the OSX Keychain! ] are known to create incomplete certificate bundles.
- First of all, go get your certificate. Look at Mumble for information how to do it.
- Next, open the application “Keychain Access”. Search for your certificate. Your best bet is your name or your e-mailaddress. Right click on the certificate and chose export.
- Next, open Firefox. Go to Firefox -> Preferences -> Advanced -> Certificates
- Select “View Certificates”. Go to Your Certificates -> Import. Select the previously exported Certificate.
Ok, now your certificate has been imported into Firefox. If you double click it, it is likely it says the issuer is not trusted. Firefox does not have your issuer’s certificates, so we need to install them:
- Open another browser window and login to to your issuer (Comodo, StartSSL,…).
- Download their certificates or their certificate bundle.
- Having the certificate window still open (Firefox), select Authorities. Click import and select the downloaded certificates. It’s very likely they are *.pem files.
- Don’t forget to check the trust boxes. If you don’t trust your issuer or your issuer’s certificates, stop reading immediately. Using self-signed certificates may be a better choice for you.
- Switch back to “Your certificates”. Your certificate should now be trusted.
Alright, now we just need to export the certificate again and we are done:
- Click on your key and select backup.
- Save your key.
- Open mumble.
- Click on Configure -> Certificate Wizard.
- Select Import
- Import your certificate. Please be aware you need to select the key backupped by Firefox!
Done. Took me half an hour to figure it out. You were able to do it in minutes. If that is worth a beer to you, be sure to pay us one when drinking with us.
You must be logged in to post a comment.