> I was under the impression that this wasn't Cesar's primary goal, since
> he previously wrote that "I am trying to understand certificate
> authorities and how the process goes".
>
> So, for educational purposes, such a cert will do the trick. On the
> other hand, if the XPI file should be distri
Nelson B wrote:
> A certificate that you make for yourself, with your own play/pretend
> CA, may look (superficially) like a real code signing cert from a
> real CA, but it won't work like one for most browser users. You may
> be able to get a few of your closest friends to download and trust
> yo
Nelson B wrote:
>>-u certusage Specify certificate usage:
>> C SSL Client
>> V SSL Server
>> S Email signer
>> R Email Recipient
>> O O
[EMAIL PROTECTED] wrote:
> I created the certificate request using certutil (from what I
> remember) :
> certutil -R -s "CN=t, O=req, L=req, ST=req, C=RE" -p "555-555-" -o
> mycert.req -d ~/.xulapp
The problem with your end-entity cert (the one with the [EMAIL PROTECTED]
nickname) is that it d
[EMAIL PROTECTED] wrote:
> When I created the cert, I got a x509.cacert which I read (
>
http://web.archive.org/web/20060425194511/www.mozdevgroup.com/docs/pete/Signing-an-XPI.html
> ) was used to sign objects. I think this is incorrect, and is the
> public key, not a private key.
Several
Kaspar Brand wrote:
> How exactly did you create (and sign) the request for [EMAIL PROTECTED] By
> "validating", do you mean using "certutil -V"? If so, the problem might
> be the correct certusage ("-u" switch) - you should actually specify
> object signing, but it seems that certutil will only a
> > Now I need a private key from ~/.xulapp to sign my object. To the best
> > of my knowledge, I create a certificate request and use ~/.ca to
> > validate it. That is what I did. I then imported the file. This is the
> > output with certutil -L
> > Common Name - Organization
> I created a self-signed certificate and put it into my ~/.ca database.
> I used signtool -G to create it, so I have a private key and
> x509.cacert. This is the output with certutil -L
> testcert u,u,Cu
>
> I load the x509.cacert into my ~/.xula
On Jun 18, 3:41 am, Kaspar Brand <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > If I got that part right, then when I loaded the x509.cacert into my
> > XUL application and tried to use signtool to sign an archieve, it was
> > failing because I was trying to sign with a public key.
>
> O
[EMAIL PROTECTED] wrote:
> If I got that part right, then when I loaded the x509.cacert into my
> XUL application and tried to use signtool to sign an archieve, it was
> failing because I was trying to sign with a public key.
Ok, so it seems that you created a self-signed object signing cert (wit
> Is that really the verbatim output of signtool -l? Does your self-signed
> cert have "Common Name - Organization" as its name?
That is correct, this is just a test self-signed cert.
> "security library: bad database" is a somewhat generic error you'll
> encounter when signtool fails to find a c
[EMAIL PROTECTED] wrote:
> I've been hitting a strange error when trying to use NSS tools with
> the certificates databases in Mozilla (mainly XULRunner, but I got the
> same result in Firefox).
Be very sure that no mozilla apps are running when you copy the cert
and/or key DBs, or you will get co
[EMAIL PROTECTED] wrote:
> When I go into into my profile directory, I am able to view it
> using signtool. It gives the following output :
>
> Object signing certificates
> ---
> Common Name - Organization
> Issued by: Common Name - Organization (Common Nam
I've been hitting a strange error when trying to use NSS tools with
the certificates databases in Mozilla (mainly XULRunner, but I got the
same result in Firefox).
I have created a self-signed certificate and loaded it into my XUL
app. When I go into into my profile directory, I am able to view it
14 matches
Mail list logo
