Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
73 lines (43 sloc) 2.07 KB
This folder contains "Slicer.crt" file bundling together X.509v3 certificates (*.pem). Each one
of these X.509v3 certificate identifies a Certificate authority.
When establishing a connection with a website served over https, this one will present
a digital certificate allowing to confirm the "digital identity" of its associated public key
later used to establish the secured connection [1].
This digital certificate could either be signed or self-signed [2]. By default, the browser
rejects self-signed certificates and accepts only the one signed by a trusted Certificate authority.
Certificate authority
Certificate authority (CA), is an entity that issues digital certificates. The digital certificate
certifies the ownership of a public key by the named subject of the certificate. This allows others
(relying parties) to rely upon signatures or assertions made by the private key that corresponds to
the public key that is certified.
Certificate Bundle generation
Re-using the scripts provided by BLFS (Beyond Linux From Scratch) [3], the "Slicer.crt" can easily
be (re-)generated.
Step1: Download the list of trusted CAs from mozilla website [4]
certhost='' &&
certdir='/blob/master/security/nss/lib/ckfw/builtins' &&
url="$certhost$certdir/certdata.txt?raw=true" &&
wget --output-document certdata.txt $url &&
unset certhost certdir url
Step2: Generate "Slicer.crt"
Step3: Clean-up
rm certdata.txt
Slicer and certificates
Within Slicer, secured http connection could be established using:
1) QWebView:
w = slicer.qSlicerWebWidget()
v = w.webView()
2) QNetworkManager (See qSlicerSslTest.cxx)
3) Python libraries like urllib
4) curl [Not yet supported]