From 38dceba9b4a1faa386d377a20080a590ea20cbdb Mon Sep 17 00:00:00 2001
From: callum <none@none>
Date: Fri, 28 Jan 2011 11:17:18 -0800
Subject: [PATCH] STORM-927 - FIX - [VWR-24426] SSL Handshake Failed Error when
 accessing web-based content on development viewers using recent Webkit 4.7
 Also removed refs to debug vars used to specify location of pem file

---
 indra/newview/app_settings/settings.xml | 22 ----------------------
 indra/newview/llviewermedia.cpp         | 21 +++++++++++----------
 2 files changed, 11 insertions(+), 32 deletions(-)

diff --git a/indra/newview/app_settings/settings.xml b/indra/newview/app_settings/settings.xml
index ef6f8fd3eee..ca587302b2d 100644
--- a/indra/newview/app_settings/settings.xml
+++ b/indra/newview/app_settings/settings.xml
@@ -697,28 +697,6 @@
       <key>Value</key>
       <integer>0</integer>
     </map>
-    <key>BrowserUseDefaultCAFile</key>
-    <map>
-      <key>Comment</key>
-      <string>Tell the built-in web browser to use the CA.pem file shipped with the client.</string>
-      <key>Persist</key>
-      <integer>1</integer>
-      <key>Type</key>
-      <string>Boolean</string>
-      <key>Value</key>
-      <integer>1</integer>
-    </map>
-    <key>BrowserCAFilePath</key>
-    <map>
-      <key>Comment</key>
-      <string>Tell the built-in web browser the path to an alternative CA.pem file (only used if BrowserUseDefaultCAFile is false).</string>
-      <key>Persist</key>
-      <integer>1</integer>
-      <key>Type</key>
-      <string>String</string>
-      <key>Value</key>
-      <string></string>
-    </map>  
     <key>BlockAvatarAppearanceMessages</key>
         <map>
         <key>Comment</key>
diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp
index d3b6dcd86f2..433151860cd 100644
--- a/indra/newview/llviewermedia.cpp
+++ b/indra/newview/llviewermedia.cpp
@@ -1828,16 +1828,17 @@ bool LLViewerMediaImpl::initializePlugin(const std::string& media_type)
 			media_source->ignore_ssl_cert_errors(true);
 		}
 
-		// start by assuming the default CA file will be used
-		std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "lindenlab.pem" );
-	
-		// default turned off so pick up the user specified path
-		if( ! gSavedSettings.getBOOL("BrowserUseDefaultCAFile"))
-		{
-			ca_path = gSavedSettings.getString("BrowserCAFilePath");
-		}
-		// set the path to the CA.pem file
-		media_source->addCertificateFilePath( ca_path );
+		// NOTE: Removed as per STORM-927 - SSL handshake failed - setting local self-signed certs like this 
+		//       seems to screw things up big time. For now, devs will need to add these certs locally and Qt will pick them up.
+//		// start by assuming the default CA file will be used
+//		std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "lindenlab.pem" );
+//		// default turned off so pick up the user specified path
+//		if( ! gSavedSettings.getBOOL("BrowserUseDefaultCAFile"))
+//		{
+//			ca_path = gSavedSettings.getString("BrowserCAFilePath");
+//		}
+//		// set the path to the CA.pem file
+//		media_source->addCertificateFilePath( ca_path );
 
 		media_source->proxy_setup(gSavedSettings.getBOOL("BrowserProxyEnabled"), gSavedSettings.getString("BrowserProxyAddress"), gSavedSettings.getS32("BrowserProxyPort"));
 		
-- 
GitLab