某银行网银登陆为什么要用一个叫 Web Secure Connection ...

官方名字叫“网上银行登录安全控件”，下载地址 https://dlsev.boc.cn/support/secWidgets/InfoSuite.BOC.pkg
备份： https://file.io/wRu4QOzkIEtN
看了下里面的内容
cat Payload | gunzip -dc | cpio -i
然后
ls
InfoDaemon.BOC com.boc.InfoDaemon.plist
InfoSuite.BOC.app install.sh
Web.cer installcert.sh
ca.cer preinstall.sh
certutil_mac
openssl x509 -in ca.cer -text -noout
Certificate:
Data:
      Version: 3 (0x2)
      Serial Number: 11815962403880771290 (0xa3fabb33e2af1eda)
Signature Algorithm: sha256WithRSAEncryption
      Issuer: C=CN, O=Web Secure Connection, OU=Web Secure Connection Root CA, CN=Web Secure Connection Root
      Validity
         Not Before: Jan 15 06:05:10 2019 GMT
         Not After : Jan 12 06:05:10 2029 GMT
      Subject: C=CN, O=Web Secure Connection, OU=Web Secure Connection Root CA, CN=Web Secure Connection Root
      Subject Public Key Info:
         Public Key Algorithm: rsaEncryption
            Public-Key: (4096 bit)
            Modulus:
                  00:bb:95:eb:0e:d3:e1:a4:54:a3:f8:db:c3:1e:11:
                  70:f7:d1:8c:3b:69:45:b9:43:27:d2:8f:0d:6a:20:
                  38:55:be:19:75:2d:45:f6:d2:14:ae:81:a2:45:08:
                  38:63:39:40:16:cc:93:19:b0:da:5b:cb:ff:5b:7d:
                  52:8c:30:61:6f:32:a3:ce:9c:47:a4:1f:05:3c:f1:
                  67:29:c4:07:58:31:51:47:41:28:47:de:bb:d5:bd:
                  19:38:95:6e:13:1e:8d:33:22:34:f0:5b:5c:f5:c1:
                  96:cd:2a:90:34:c8:46:34:2a:5f:24:88:7e:f1:e3:
                  6f:6c:aa:7d:45:69:dd:ef:8e:1a:0c:01:1a:2b:2a:
                  51:10:0e:2b:bf:e7:1b:67:da:2f:b5:f4:54:de:16:
                  68:ad:0f:cc:cc:c5:22:98:3a:da:66:7b:e5:e8:1e:
                  e4:29:81:aa:fa:5a:c4:b6:27:78:26:07:7c:70:37:
                  3c:2f:6e:aa:d9:6b:00:20:3b:c3:f4:81:a0:df:aa:
                  f1:e7:90:82:63:72:97:aa:5b:af:1c:df:80:c6:f4:
                  51:3c:36:d5:7f:6c:5a:27:9f:ee:46:e1:cc:49:aa:
                  21:f0:b2:bf:26:83:e3:d6:11:55:35:08:23:e1:e5:
                  88:0e:55:92:41:97:dd:0e:9f:a6:8f:a5:a1:7c:dd:
                  7c:7a:84:bf:57:8f:91:97:a6:57:e9:9c:11:45:cc:
                  ce:79:cb:5c:2e:77:ca:57:ef:d5:ad:a5:9c:2b:98:
                  81:bb:08:98:99:81:10:04:ff:ca:f4:50:27:a0:53:
                  36:17:7d:a5:75:c2:dd:d9:8d:2a:3e:69:da:39:b5:
                  26:ff:fc:f2:d9:c2:4a:9f:6e:3d:6d:b3:ae:e7:3f:
                  47:3f:2d:92:32:3e:eb:85:ef:59:60:70:76:d9:36:
                  e9:02:a6:e2:0e:4f:02:a3:93:06:9f:ab:78:f6:23:
                  75:a4:5e:8e:25:48:22:a4:46:9d:a1:a9:59:39:19:
                  c0:13:d4:45:cd:5f:0a:7c:a3:d6:85:4f:88:14:6d:
                  0d:7a:22:b7:14:4d:4d:22:a7:9b:09:67:06:a1:62:
                  db:dc:ff:13:3f:05:59:82:1a:1e:45:10:1b:5d:b2:
                  6b:8f:82:61:8e:19:2a:c9:88:a7:93:c4:d3:22:fc:
                  7c:d4:b8:8d:42:d6:47:ae:be:8e:91:46:65:99:22:
                  17:1c:d2:5f:76:d6:87:5b:bb:50:5d:ba:df:d7:37:
                  16:bc:07:f1:2e:1c:36:ba:ab:a5:95:6c:66:ce:1e:
                  4f:16:a2:9a:f7:53:22:23:1b:27:96:5a:5c:c3:61:
                  24:af:f5:94:9d:ca:94:9d:02:f1:bb:0c:23:b9:43:
                  ee:71:7f
            Exponent: 65537 (0x10001)
      X509v3 extensions:
         X509v3 Subject Key Identifier:
            9A:32:43:5A:AD:93:EA:6D:BE:5E:0D:72:56:31:BD:69:10:A3:23:52
         X509v3 Authority Key Identifier:
            keyid:9A:32:43:5A:AD:93:EA:6D:BE:5E:0D:72:56:31:BD:69:10:A3:23:52
         X509v3 Basic Constraints: critical
            CA:TRUE
         X509v3 Key Usage: critical
            Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
      b5:99:7f:3d:63:a5:92:cd:df:19:d9:2e:b0:99:42:70:e3:95:
      7a:7c:83:7a:61:40:43:4b:3c:f4:ae:a2:c4:41:e1:7f:e3:65:
      1d:6b:b1:ca:78:3a:7e:88:85:19:62:3c:ad:0c:0f:ac:b1:17:
      f4:b7:52:1b:d9:55:c9:fb:de:ce:65:03:f1:1c:8d:af:8b:45:
      1a:27:70:cf:e1:c8:0a:6a:25:0e:b8:31:25:64:87:bf:d7:f5:
      9f:d8:ab:44:02:8d:9f:d3:9c:b6:bb:97:9c:18:95:f8:75:08:
      76:92:66:b8:ea:49:20:3b:ee:26:c1:2c:97:95:85:ef:c0:2b:
      fe:30:d5:d2:1b:6d:91:b8:dc:1a:80:2f:c5:15:e9:46:87:cc:
      2e:3a:d9:c8:a0:7d:f2:a0:1c:88:73:a0:e3:4f:9f:08:fc:95:
      2b:a7:6f:c4:cb:41:81:37:b9:6a:9a:29:04:b1:ea:44:c5:c4:
      1b:09:11:28:5c:17:71:f7:b2:81:d0:83:7f:9a:a2:0f:f1:41:
      d6:fe:4b:bd:be:da:28:fd:28:e9:0b:33:15:80:c8:a8:6b:8c:
      1a:9e:45:53:6e:07:6d:d0:19:03:cc:93:a2:39:49:b4:12:84:
      09:6a:a8:3c:6e:1c:b0:46:64:6c:ce:f3:40:52:1f:8e:d2:1e:
      aa:15:e8:f7:3e:4f:56:4e:bb:8f:71:ac:77:65:a9:6a:d3:f2:
      a5:34:e8:92:cb:18:d7:e4:29:f9:4c:6c:25:06:da:8f:e4:12:
      18:7b:f9:c6:4d:87:ef:48:d2:0a:65:6f:34:c7:95:94:b3:f5:
      a3:0f:3a:b2:44:b1:ee:e3:aa:e2:8b:8b:3b:f5:cf:ea:f0:d4:
      28:49:0d:01:51:99:f1:94:e7:ed:9c:f2:72:65:99:78:f9:8a:
      f3:db:a5:73:fd:26:ef:66:cb:4c:68:ad:5f:aa:4d:cb:b6:52:
      fb:b3:ce:f0:63:78:11:1a:24:48:47:47:a2:1a:32:bd:43:c8:
      25:e8:b5:e2:2d:63:ec:bd:55:e5:56:c8:d5:ac:4d:83:bb:6c:
      99:67:ce:03:83:07:e2:39:7f:f1:6a:41:9b:37:30:80:18:96:
      e4:0c:a1:59:ff:63:c8:5c:b1:c4:7d:3c:75:c2:50:1e:30:e9:
      93:9e:1c:1d:cb:ca:25:37:10:ee:b8:74:f8:db:ca:48:f7:60:
      54:4b:6b:b1:2d:c0:a4:f9:ff:5e:0d:8b:19:01:8d:a6:a9:81:
      55:34:1b:f5:b8:af:3e:70:28:7b:28:b0:44:48:46:dc:75:0e:
      84:05:5d:c6:15:73:5e:cb:e0:7e:6a:92:da:5b:2a:a3:89:18:
      c0:01:f7:4e:db:6b:25:17

请教下不知银行用自签证书的必要性在哪里，风险如何，是否能在不用网银的时候直接禁用这个 ca ？

某银行网银登陆为什么要用一个叫 Web Secure Connection Root 的自签 ca，是否可信？

浏览过的版块

热门主题

淘宝开店卖虚拟，卖家永远都是吃亏

折腾了两天自建节点，我发现了

三只羊合伙人，那个卢胖子，又搞笑了。

电脑显示屏分辨率大调查

投了国内场内etf或qdii基金的，记得下周五

ProtonVNP车缺一季付108

全局E3 MSDN全局收收收

平台价6.95收3000个U，自用有出的联系

无敌弹窗代码

KURUN好用吗

热门板块

公告

网站帮助 - Yoo趣儿

我们的愿景

在 Yoo趣儿投放广告

Yoo趣儿网站用户应遵守规则