Nelson Bolyard wrote:
A week after applying for his certificate, he download the certificate
onto the same desktop box where he had generated the CSR, which combined
the cert and private key in the same mozilla softoken module. Then he
"exported" the cert and private key into a PKCS#12 file, which he then
imported onto the notebook. That's how I read the description.
Dave, if I misunderstood, please jump in here. :)
It was as you have described, Nelson. The purchase process took me
through a wizard-like sequence of pages; at one step in that process,
the keys were generated and installed in Firefox. I don't know the
mechanics of how the keys were generated; I assume that it happened in
Firefox, but perhaps they were generated on the GateKeeper (CA) server
and downloaded into Firefox - could a web site initiate key generation
inside Firefox?
In any case, the public and private keys were created on a machine that
had no TPM, and moved to the machine with the TPM as a .p12 file.
Dave
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
