--- /dev/null
+Index: new/java/com/tigervnc/rfb/CSecurityTLS.java
+===================================================================
+--- new.orig/java/com/tigervnc/rfb/CSecurityTLS.java 2013-04-18 11:56:22.000000000 +0200
++++ new/java/com/tigervnc/rfb/CSecurityTLS.java 2013-04-18 13:59:03.000000000 +0200
+@@ -25,6 +25,7 @@
+ import java.io.File;
+ import java.io.InputStream;
+ import java.io.FileInputStream;
++import java.io.ByteArrayInputStream;
+ import java.util.ArrayList;
+ import java.util.Collection;
+ import javax.swing.JOptionPane;
+@@ -34,6 +35,9 @@
+
+ public class CSecurityTLS extends CSecurity {
+
++ public static StringParameter PVECert
++ = new StringParameter("PVECert",
++ "Proxmox VE CA certificate", "");
+ public static StringParameter x509ca
+ = new StringParameter("x509ca",
+ "X509 CA certificate", "");
+@@ -92,6 +96,8 @@
+ {
+ anon = _anon;
+ setDefaults();
++
++ pvecert = PVECert.getData();
+ cafile = x509ca.getData();
+ crlfile = x509crl.getData();
+ }
+@@ -170,10 +176,15 @@
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ try {
+ ks.load(null, null);
+- File cacert = new File(cafile);
+- if (!cacert.exists() || !cacert.canRead())
+- return;
+- InputStream caStream = new FileInputStream(cafile);
++ InputStream caStream;
++ if (pvecert != null) {
++ caStream = new ByteArrayInputStream(pvecert.getBytes("ISO-8859-1"));
++ } else {
++ File cacert = new File(cafile);
++ if (!cacert.exists() || !cacert.canRead())
++ return;
++ caStream = new FileInputStream(cafile);
++ }
+ X509Certificate ca = (X509Certificate)cf.generateCertificate(caStream);
+ ks.setCertificateEntry("CA", ca);
+ PKIXBuilderParameters params = new PKIXBuilderParameters(ks, new X509CertSelector());
+@@ -241,6 +252,7 @@
+ private boolean anon;
+ private SSLSession session;
+ private String cafile, crlfile;
++ private String pvecert;
+ private InStream is;
+ private SSLSocket ssl;
+
+Index: new/java/com/tigervnc/vncviewer/VncViewer.java
+===================================================================
+--- new.orig/java/com/tigervnc/vncviewer/VncViewer.java 2013-04-18 11:56:21.000000000 +0200
++++ new/java/com/tigervnc/vncviewer/VncViewer.java 2013-04-18 13:56:33.000000000 +0200
+@@ -168,6 +168,11 @@
+ if (firstApplet) {
+ alwaysShowServerDialog.setParam(true);
+ Configuration.readAppletParams(this);
++ String tmpcert = this.getParameter("PVECert");
++ if (tmpcert != null) {
++ CSecurityTLS.PVECert.setParam(tmpcert.replace('|', '\n'));
++ }
++
+ String host = getCodeBase().getHost();
+ if (vncServerName.getValue() == null && vncServerPort.getValue() != 0) {
+ int port = vncServerPort.getValue();