Community
    • Login

    Certificate install location

    Scheduled Pinned Locked Moved Security
    2 Posts 2 Posters 86 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Dave TeetzD
      Dave Teetz
      last edited by

      Page /news/v883-self-signed-certificate/ install for LocalMachine.

      Page dics/getting-started/#notepad-self-signed-certificate-authority-for-binaries says “If you accidentally picked Local Machine…”

      These appear to be conflicting instructions.

      PeterJonesP 1 Reply Last reply Reply Quote 0
      • PeterJonesP
        PeterJones @Dave Teetz
        last edited by PeterJones

        @Dave-Teetz said in Certificate install location:

        Page /news/v883-self-signed-certificate/ install for LocalMachine.

        Page dics/getting-started/#notepad-self-signed-certificate-authority-for-binaries says “If you accidentally picked Local Machine…”

        These appear to be conflicting instructions.

        It will actually work in either.

        When I wrote the original instructions, I picked Current User, because, from a security standpoint, it’s always better to pick the most-restrictive location – that way, my choices (like adding a new certificate to the trust system) will only affect me, rather than affecting everyone who uses the same computer. On most PCs, where there is only one user anyway, it completely does not matter.

        When Don wrote the instructions in the “news” page, he for some reason decided to recommend Local Machine instead of Current User: I don’t know why he did that, nor do I agree with it.

        But regardless, the phrasing in the User Manual is correct, because what the UM is really pointing out with the “accidentally picked” is that if you installed it in Location A, you have to use the right tool to be able to find it: if you installed it in Current User, you must use certmgr.msc to find it; if you installed it in Local Machine, you must use certlm.msc to find it.

        Maybe I will update the manual to give users the understanding to make the correct choice between Current Userand Local Machine, rather than implying only one way is right that one way was only “accidental”.

        update: the User Manual has been updated; it now gives the user the information needed to make the correct choice for their circumstances, but makes sure to enable them to verify or change, whichever choice is made.
        update 2: rephrased my last paragraph before the update, because the final version in the user manual still strongly implies one way is almost-always right, but it gives the decision guidelines for which is better, and still explains how to work with either.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        The Community of users of the Notepad++ text editor.
        Powered by NodeBB | Contributors