Ubuntu

Comment 55 for bug 334191

(In reply to comment #26)
> It won't fix KDE's cert handling but makes the global ca-certificates available
> to KDE; just do a
> sudo ln -sf /etc/ssl/certs/ca-certificates.crt
> /usr/share/kde4/apps/kssl/ca-bundle.crt
> and you'll have at least CAcert and stuff recognized in KDE.

As long as there is no working central KDE certificate management you have to rely on the certification capabilities of your distribution or of central bodies like mozilla. What you need at least is a certificate list that can be imported by KtcpSocket (see comment above).

This can be achieved by using a (root) certificate list from your distributor (e. g. with package ca-certificates in Ubuntu) or by creating such a list from e. g. Mozilla's repository (see e. g. http://www.issociate.de/board/post/170599/updating_ca-bundle.crt.html). Once you have that list put it into /etc/ssel/certs and link it as proposed in comment #26.

If you have self-signed certificates in your network you have to add your root certificate to the certificate list in order to KTcpSocket let accept the self-signed server certificate:

$ sudo su
# sudo cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt.bak
# cat myRootCertificate.pem >> /etc/ssl/certs/ca-certificates.crt