On 01/21/2009 11:57 AM, Michael Bell:
I use a Smartcard with a X.509 certificate (Siemens CardOS). This
certificate works with Thunderbird 2.0.0.19 on Microsoft Windows XP
SP3. If I use the same smartcard with Linux and Thunderbird 2.0.0.19
(more exactly icedove from Debian unstable) then I can configure all
the necessary stuff (e.g. assign the cert to the mail account) but I
cannot use the cert to sign or encrypt a mail.
The error message is that the certificate must be valid and trusted.
Both is correctly configured.
I analysed the situation and discovered that the purpose of the cert
on Windows is "Client, sign, encrypt" but the purpose on Linux is
"<unknown>". I checked the cert with OpenSSL and noticed that the
certificate does not include the usual nsCertType extensions.
So my question is, is there a difference between the crypto libraries
used by the Mozilla Windows and Linux versions regarding the
certificate extensions?
Which driver are you using on Linux? Is this an Aladdin eToken? Which
library did you choose as the PKCS11 module?
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
