I want my users to install my self-signed certificate to have my site trusted in https navigation.
So far, I managed to create user certificates and can be easily installed by the client throught the browser.
<?
header("Content-disposition: attachment; filename=user.crt");
header("Content-type: application/x-x509-user-cert");
readfile("user.crt");
This actually prompts the user to install the certificate.
But when it comes to the CA certificate, the browser will simply download it... I managed to make it work with firefox by commenting the first header lien;
<?
// commenting next line makes it work in firefox
// header("Content-disposition: attachment; filename=ca.crt");
header("Content-type: application/x-x509-ca-cert");
readfile("ca.crt");
Any idea or workaround ?
EDIT
Here is a screenshot: http://imgur.com/Dt02yPv
But in Chrome and IE it makes 'cert.php' file to be download.
Try this: header("Content-disposition: inline; filename=user.crt");
or application/x-x509-ca-cert
I want my users to install my self-signed certificate to have my site trusted in https navigation.
Don't do that. It is insecure, and places your users at risk, as it allows your CA certificate to create trusted certificates for any site, not just your own. Additionally, it is not even possible for many users: for instance, users without admin rights (e.g, many employees of larger companies!) cannot install trusted certificates under most operating systems.
If you want to use HTTPS, get a professionally signed certificate. It's inexpensive (or even free from certain providers, such as Startcom), and provides a considerably higher level of security for both your site and its users.