Allow other certificates #8126

Closed
koppor opened this issue Oct 6, 2021 · 4 comments · Fixed by #8583
Labels
good first issue An issue intended for project-newcomers. Varies in difficulty. type: enhancement

Comments

@koppor
Member

koppor commented Oct 6, 2021

When working behind an SSL proxy, the SSL proxy presents another SSL certificate. When not using that certificate, the DOI fetcher returns "Connection error" without any further information:

image

IMHO JabRef should offer the possibility to:

  • use an own key store
    • activated through preferences
  • import .cer files into that key store
    • possibility offered using the preferences

See https://stackoverflow.com/q/18889058/873282 for some code hints.

Somehow refs #7627. Here, we have an SSL certificate issue. There, we have a proxy authentication error.

@Siedlerchr
Member

In the shared database dialog we also offer the possibility to provide a custom key file/store

@koppor
Member Author

koppor commented Oct 8, 2021

Current state in the shared database dialog:

image

I would propose to move those settings to the preferences dialog:

image

  • Add new category "SSL Certificates"
  • Switch between "JabRef internal key store" and "Custom key store" with a file browsing possibility (to here, the part of the shared database dialog is moved)
  • Add possibility (button) to browse and add .cer file to the key store selected in step 2

@koppor
Member Author

koppor commented Oct 18, 2021

Additional/alternative approach:

  • An SSL certificate should be downloaded if SSL error appears --> auto-import man-in-the-middle SSL certificate (e.g., company proxy)
  • When download fails due to SSL error, a configuration dialog should be shown

@HoussemNasri
Member

HoussemNasri commented Mar 18, 2022

  • Switch between "JabRef internal key store" and "Custom key store" with a file browsing possibility (to here, the part of

How about having a single checkbox to enable or disable custom certificates, similar to Proxy Configuration, and custom certificates will be added on top of JabRef internal Keystore (which if I understand correctly is empty for now)

Edit: I see that Java uses this as its default truststore $JAVA_HOME/jre/lib/security/cacerts, so I guess the solution would be to copy the default truststore into the app files, set javax.net.ssl.trustStore property to our truststore and then modify it according to user interactions
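
The approach from the last comment, sketched as an added example (not JabRef's code and not posted by anyone in this thread): seed an application trust store from the JDK default, show the certificate's SHA-256 fingerprint for confirmation before importing a .cer file, then point javax.net.ssl.trustStore at the result. The class name, store path and password are assumptions made for illustration.

```java
import java.io.*;
import java.nio.file.*;
import java.security.*;
import java.security.cert.*;
import java.util.*;

public class CustomTrustStore {
    // Assumed names: store location and password are illustrative, not JabRef's.
    static final Path STORE = Path.of(System.getProperty("user.home"), ".example-app", "truststore");
    static final char[] PASSWORD = "changeit".toCharArray(); // same as the JDK cacerts default

    /** Loads the app's trust store, seeding it from the JDK default on first use. */
    static KeyStore loadOrCreate() throws Exception {
        if (Files.exists(STORE)) return KeyStore.getInstance(STORE.toFile(), PASSWORD);
        // Java 9+ path; Java 8 keeps the file under $JAVA_HOME/jre/lib/security/.
        Path cacerts = Path.of(System.getProperty("java.home"), "lib", "security", "cacerts");
        KeyStore ks = KeyStore.getInstance(cacerts.toFile(), PASSWORD);
        Files.createDirectories(STORE.getParent());
        save(ks);
        return ks;
    }

    static void save(KeyStore ks) throws Exception {
        try (OutputStream out = Files.newOutputStream(STORE)) { ks.store(out, PASSWORD); }
    }

    static String sha256(X509Certificate cert) throws Exception {
        return HexFormat.ofDelimiter(":").withUpperCase()
                .formatHex(MessageDigest.getInstance("SHA-256").digest(cert.getEncoded()));
    }

    public static void main(String[] args) throws Exception {
        X509Certificate cert;
        try (InputStream in = Files.newInputStream(Path.of(args[0]))) { // path to a .cer file
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        cert.checkValidity(); // reject expired or not-yet-valid certificates
        String fp = sha256(cert);
        System.out.printf("Subject: %s%nSHA-256: %s%nTrust this certificate? [y/N] ",
                cert.getSubjectX500Principal(), fp);
        if (!new Scanner(System.in).nextLine().trim().equalsIgnoreCase("y")) return;
        KeyStore ks = loadOrCreate();
        ks.setCertificateEntry("custom-" + fp.replace(":", "").substring(0, 16), cert);
        save(ks);
        // Must run before the first TLS connection: the default SSLContext is built once.
        System.setProperty("javax.net.ssl.trustStore", STORE.toString());
        System.setProperty("javax.net.ssl.trustStorePassword", new String(PASSWORD));
    }
}
```

The fingerprint prompt lets the user compare the certificate against the value published by the proxy's administrator before it becomes a trust anchor for every HTTPS connection the application makes.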
