[EMAIL PROTECTED] wrote, On 2008-09-29 05:43: > Hi there, > I am trying to tie off an embedded browser using XulRunner 1.8/Firefox > 2 with XPCOM.
"tie off". I like the birth metaphor. :) > I have created a user keystore and can get a user to > import a client side X.509 certificate from a PKCS12 file. > > However, I need to give the user the ability to recreate their > keystore if their personal cert expires or if they forget their > password. Is there anyway to use XPCOM to reset the Master Security > Device password or set it to something else if the user forgets their > password for their certificate keystore? i.e. so they can reimport > another cert? > > For evicting a certificate is it as simple as using X509CertDB to > evict the certificate? It's almost never necessary to delete old certs, and there may be good reasons to preserve them. > will doing so reset the password? No, in general deleting a certificate will not reset the password. The "reset password" operation destroys the entire database, all certs and keys are lost. If your browser is gecko based, you can try this: (WARNING, DON'T TRY THIS unless you've backed up your databases!) Enter "chrome://pippki/content/resetpassword.xul" in the Location Bar, press Enter, then click "Reset" > How does everyone else deal with this; at present the best I can do is > delete the user profile, any help would be appreciated. Firefox and SeaMonkey browsers provide their users with UI (a dialog known as the Certificate Manager) in which they can see and manage all their certs. That's a good idea IMO for any browser that's going to hold user certs. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
