On 01/21/2009 03:41 PM, Nelson Bolyard:
Eddy Nigg wrote, On 2009-01-21 05:16:
On 01/21/2009 03:10 PM, Michael Bell:
Do you mean that all CA certificates must be present if the card is
removed from the machine?
If the CA certificates are on the card, there are some odd behaviors.
Oh? Please tell us more.
Ah yes, maybe I should...it's in my nature to work around such problems
too many times. Basically if the CA certificates are imported into the
card, than those CAs take preference by NSS (for whatever ever reason).
Meaning, the builtin CA root isn't visible in the cert manager, but the
one from the smart card is. Unfortunately, the trust bit sets only "web
sites" to true. Editing the trust bits helps for the session, but it's
obviously gone after restart. That's correct with Athena card reader and
Aladdin eToken Pro Smart Card using Aladdin's middle ware and driver.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
