Oops; I had meant to reply to this sooner. I just saw this unfinished reply in an open browser tab.
Both p3dcert and certlist are compiled as packages and uploaded to the runtime host. In order to use your version of certlist, you need your own version of nppanda3d.dll that’s hard-coded to point to the runtime host containing your version of certlist.
In order to add a custom certificate to certlist package, edit direct/src/p3d/coreapi.pdef and look for “class certlist”.
class certlist(package):
# This package holds any certificates that should be considered
# pre-approved by the plugin vendor. If you build and host your
# own version of the Panda3D plugin, you can add your own
# certificates to this list. The certificates in this package
# will be assumed to have been approved by the user when he/she
# installed the plugin.
# They should be PEM-encoded and their filenames must end in the
# ".pem" or ".crt" extension, and they should be added with the
# extract = True flag so they will be extracted to disk.
file('mycert.pem', extract=True)
And then i’ve rebuilt runtime and plugin with no error, then i’ve re-installed them. finally i’ve used new packp3d with mycert.pem to produce my pack, but it is still asking for certification approval. maybe i’ve put mycert.pem in the wrong place.
If it’s missing when regenerating certlist package, the error can be rather subtle, like when I put it in the wrong directory I only get a warning:
built_rdb/stage/ppackage1.9.p3d -i built_rdb/stage direct/src/p3d/coreapi.pdef certlist
:AppRunner: Total Panda3D disk space used: 131 MB
:AppRunner: Configured max usage is: 2048 MB
:Packager: Reading direct/src/p3d/coreapi.pdef
:Packager(warning): No such file: cert.pem
Generating certlist/certlist.mf
:AppRunner: Normal exit.
(Point -i at the location of your runtime host - I run my host directly out of the stage directory)
Packing a signed sample:
cd samples/asteroids
../../built_rdb/stage/packp3d1.9.p3d -o ../asteroids.p3d -S../../mycert.pem
Purging my local cache:
rm -rf ~/.panda3d/
Now running asteroids.p3d in a browser produces the green play button rather than the red one, and clicking it immediately shows the game without even downloading the cert dialog. (If I had set it to auto-start in the HTML, it would be starting automatically now.)