A couple of us have had the pleasure of experimenting with the Thawte freemail cert generation pages on Microsoft Vista ...
I'll skip the IE 7 problems. The Mozilla firefox generation works, but Thawte isn't returning the certificate in a form that firefox understands apparently, it comes back as a .spc or some kind of PKCS#7 file, and never gets imported. It can kind of look like a Windows function is stepping in and intercepting the .spc file (it looks like a version of one of those Windows computer management consoles appears). It might even work to install the certificate, but of course the private key is absent in the Windows crypto store. Perhaps, firefox attempts to figure out what kind of file it is, doesn't know and drops into Windows file management. The file management window that firefox displays says Open with "Windows host proces (rundll32)". I tried downloading the .spc file directly, and then tried to import it into Firefox. No luck - it wants a "password" for this file (presumably there is none - but that's not acceptable to the dialog box, and strings of 0-8 blank spaces don't make it work either). There's definitely a nice cert in that .spc file - I can unpack it with openssl. firefox, tho, doesn't seem to want to import anything other than a pure pkcs12 file, and openssl won't produce one of those without a private key. Anyone have any better luck and useful advice? Thanks, ==mwh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
