+
+void
+Hints::check_certificates ()
+{
+ auto bad = Config::instance()->check_certificates();
+ if (!bad) {
+ return;
+ }
+
+ switch (*bad) {
+ case Config::BAD_SIGNER_UTF8_STRINGS:
+ hint(_("The certificate chain that DCP-o-matic uses for signing DCPs and KDMs contains a small error "
+ "which will prevent DCPs from being validated correctly on some systems. You are advised to "
+ "re-create the signing certificate chain by clicking the \"Re-make certificates and key...\" "
+ "button in the Keys page of Preferences."));
+ break;
+ case Config::BAD_SIGNER_VALIDITY_TOO_LONG:
+ hint(_("The certificate chain that DCP-o-matic uses for signing DCPs and KDMs has a validity period "
+ "that is too long. This will cause problems playing back DCPs on some systems. "
+ "You are advised to re-create the signing certificate chain by clicking the "
+ "\"Re-make certificates and key...\" button in the Keys page of Preferences."));
+ break;
+ default:
+ /* Some bad situations can't happen here as DCP-o-matic would have refused to start until they are fixed */
+ break;
+ }
+}
+