http://bugs.winehq.org/show_bug.cgi?id=9929
--- Comment #8 from Juan Lang juan_lang@yahoo.com 2007-10-09 23:41:18 --- They'll work (but note this just gets you to the next problem.) To use them:
You'll need to encode them as PEM files (basically base64 encoded), and put them into wherever your root certs are installed. On Debian-ish systems, that's /etc/ssl/certs/ca-certificates.crt . On SUSE, it's /etc/ssl/certs . On Fedora/Redhat, it's /etc/pki/tls/certs/ca-bundle.crt . I don't know about other distros.
So, something like: openssl x509 -inform DER -outform PEM < rootauthority.cer > rootauthority.pem does it for rootauthority.cer. You can figure out how to repeat that for the other two (I don't know offhand which ones are strictly needed.)
If you have one of the .crt files on your system, you'll want to append the resulting .pem files to that. Otherwise, you can just copy the .pem files to the appropriate directory.
Unfortunately, once you do that, you'll get the following error, as I noted before: fixme:CertVerifyCertificateChainPolicy unimplemeneted for 7
Hacking chain.c to return TRUE for this case doesn't get any further, and I don't know what the problem is, frankly.