Index: tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java =================================================================== --- tigervnc-1.9.0.orig/java/com/tigervnc/rfb/CSecurityTLS.java +++ tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java @@ -66,6 +66,9 @@ public class CSecurityTLS extends CSecur public static StringParameter X509CRL = new StringParameter("X509CRL", "X509 CRL file", "", Configuration.ConfigurationObject.ConfViewer); + public static StringParameter x509autoaccept + = new StringParameter("x509autoaccept", + "X509 Certificate SHA-1 fingerprint", "", Configuration.ConfigurationObject.ConfViewer); public static UserMsgBox msg; private void initGlobal() @@ -85,6 +88,7 @@ public class CSecurityTLS extends CSecur setDefaults(); cafile = X509CA.getData(); crlfile = X509CRL.getData(); + certautoaccept = x509autoaccept.getData(); } public static String getDefaultCA() { @@ -283,6 +287,10 @@ public class CSecurityTLS extends CSecur tm.checkServerTrusted(chain, authType); } catch (java.lang.Exception e) { if (e.getCause() instanceof CertPathBuilderException) { + if (certautoaccept != null && thumbprint.equalsIgnoreCase(certautoaccept)) { + return; + } + String certinfo = "This certificate has been signed by an unknown authority\n"+ "\n"+ @@ -471,7 +479,7 @@ public class CSecurityTLS extends CSecur private SSLEngineManager manager; private boolean anon; - private String cafile, crlfile; + private String cafile, crlfile, certautoaccept; private FdInStream is; private FdOutStream os; Index: tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java =================================================================== --- tigervnc-1.9.0.orig/java/com/tigervnc/vncviewer/VncViewer.java +++ tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java @@ -393,6 +393,8 @@ public class VncViewer extends javax.swi // Called right after zero-arg constructor in applet mode setLookAndFeel(); setBackground(Color.white); + + SecurityClient.setDefaults(); applet = this; vncServerName.put(loadAppletParameters(applet).toCharArray()).flip(); if (embed.getValue()) {