Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

What is exactly firefox PKCS#12 export ciphers type ?

  • 1 svar
  • 1 har dette problemet
  • 25 views
  • Siste svar av FredMcD

more options

Hello, I'm working with firefox 59.0.2 (64 bits) and trying to create a certificat with http://www.cacert.org. My certificate is correctly created and inserted in the firefox certificate database. I need to use this certificate with my private key in others software (Windows10, Chrome, Edge, Adobe Acrobat pro 9.5.5 and reader DC 18.2304,...) After export the certificate chains including the private, public and root keys PKCS#12 (.P12), I'm trying without success to import the certificate in windows10/certmgr because received a password error message. For information : Reimport the .P12 certificate into firefox certificate database correctly work. Import the .P12 certificate into Acrobat pro 9.5.5 correctly work and sign also work. openssl also work to convert .P12 file to pem then pem to .pfx resulting .pfx file then is correctly import to windows10/certmgr : This currently my only workaround solution.

openssl info on .P12 return :

===========

MAC:sha1 Iteration 1000000 PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 1000000 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 1000000 Certificate bag Certificate bag

openssl info on .Pfx return :

===========

MAC:sha1 Iteration 2048 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048 Certificate bag Certificate bag PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048

My questions : Why do I have to use openssl to convert my certificate to be able to import it to windows10/certmgr ? What is exactly firefox PKCS#12 export ciphers type ? Why Iteration = 1000000 for firefox export and 2048 for openssl output, could it be the culprit ? Is there other possible culprit ? (Order of openssl info out lines not the same) Is it possible to configure the firefox export to be compatible with windows10/certmgr ?

Hello, I'm working with firefox 59.0.2 (64 bits) and trying to create a certificat with http://www.cacert.org. My certificate is correctly created and inserted in the firefox certificate database. I need to use this certificate with my private key in others software (Windows10, Chrome, Edge, Adobe Acrobat pro 9.5.5 and reader DC 18.2304,...) After export the certificate chains including the private, public and root keys PKCS#12 (.P12), I'm trying without success to import the certificate in windows10/certmgr because received a password error message. For information : Reimport the .P12 certificate into firefox certificate database correctly work. Import the .P12 certificate into Acrobat pro 9.5.5 correctly work and sign also work. openssl also work to convert .P12 file to pem then pem to .pfx resulting .pfx file then is correctly import to windows10/certmgr : This currently my only workaround solution. openssl info on .P12 return : ======================= MAC:sha1 Iteration 1000000 PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 1000000 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 1000000 Certificate bag Certificate bag openssl info on .Pfx return : ======================= MAC:sha1 Iteration 2048 PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048 Certificate bag Certificate bag PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048 My questions : Why do I have to use openssl to convert my certificate to be able to import it to windows10/certmgr ? What is exactly firefox PKCS#12 export ciphers type ? Why Iteration = 1000000 for firefox export and 2048 for openssl output, could it be the culprit ? Is there other possible culprit ? (Order of openssl info out lines not the same) Is it possible to configure the firefox export to be compatible with windows10/certmgr ?

All Replies (1)

more options

I called for more help.


Separate Security Issue: Update your Flash Player or remove it using these links; http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html Uninstall Flash Player | Windows http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html Uninstall Flash Player | Mac

Note: Windows users should download the ActiveX for Internet Explorer. and the plugin for Plugin-based browsers (like Firefox).

Note: Windows 8 and Windows 10 have built-in flash players and Adobe will cause a conflict. Install the plugin only. Not the ActiveX.

Flash Player Version: Version 29.0.0.113

https://get.adobe.com/flashplayer/ Direct link scans current system and browser Note: Other software is offered in the download. <Windows Only>

https://get.adobe.com/flashplayer/otherversions/ Step 1: Select Operating System Step 2: Select A Version (Firefox, Win IE . . . .) Note: Other software is offered in the download. <Windows Only> +++++++++++++++++++ See if there are updates for your graphics drivers https://support.mozilla.org/en-US/kb/upgrade-graphics-drivers-use-hardware-acceleration