I couldn't find any way of doing this (well, not yet anyway).
Adobe uses the underlying OS certificate store. In Windows, this means the same one that IE (and Google Chrome) use.
The only solution I've come up with is to, under linux, follow the instructions in the link you included, and for Windows, have the user download/install the client certificate via IE (and the server root CA as well, as we've a self-signed certificate for the organisation), then Air uses those certificates.
This comes with some annoyances -
- Unless the user installs the root CA, they are asked to confirm the server's security certificate.
- The user will be asked to confirm the client certificate is used on every request to the server (and in a business application that does a lot of data requests, this makes it unusable). To work around this, the only way I've found is to have the user go into IE, go and enable
Tools -> Internet Options -> Security -> Custom Level -> Miscellaneous -> "Don't prompt for client certificate selection when no certificate or only one certificate exists"
. This stops the constant requests (though of course, doesn't work if there is more than one certificate.
- Adobe Air will still fail, with all of this though, unless the user also goes, in IE, to
Tools -> Internet Options -> Advanced -> Security -> "Check for service certificate revocation*"
and unchecks this. This is probably only necessary with self-signed server certificates for servers that don't support revocation, but I'm not sure.
Anyway, as you can see, it's all a horrible mess.