Цей вебсайт матиме обмежену функціональність, доки ми проводимо його обслуговування для поліпшення роботи. Якщо прочитана стаття не розв'язала вашу проблему і ви хочете поставити питання, наша спільнота підтримки з радістю допоможе вам на @FirefoxSupport у Twitter та /r/firefox на Reddit.

Avatar for Username

Шукати в статтях підтримки

Остерігайтеся нападів зловмисників. Mozilla ніколи не просить вас зателефонувати, надіслати номер телефону у повідомленні або поділитися з кимось особистими даними. Будь ласка, повідомте про підозрілі дії за допомогою меню “Повідомити про зловживання”

Докладніше

Ця тема перенесена в архів. Якщо вам потрібна допомога, запитайте.

Thunderbird saved/cached private key that I want to delete

  • 2 відповіді
  • 1 має цю проблему
  • 1 перегляд
  • Остання відповідь від Jacek Bilski

Jacek Bilski
Jacek Bilski
more options

I'm using an SSL certificate to sign and encrypt my mail. It was working OK. Then I bought myself a security key with a smartcard functionality (YubiKey 5) and moved my private key there. I also installed another "security device" using OpenSC and through that I can see, that there is indeed my certificate on this smartcard. The problem is that when I first decrypt a mail with this key, remove the security key from USB and restart Thunderbird, I can now encrypt, decrypt and sign mails as if I had my smartcard in USB port. So the whole security idea goes completely away.

I'm looking at my key4.db file, which looks like it contains still my private key, or at least traces of certificate (if I look inside using text editor). SQLite3 is also showing some inserts. I found out about certutil and tried to take a peek inside this key4.db, but it asks me for a password which I don't have.

What am I doing wrong? What did I miss? How can I remove from Thunderbird all traces of this private key and force it to ask me for this smartcard?

I'm using an SSL certificate to sign and encrypt my mail. It was working OK. Then I bought myself a security key with a smartcard functionality (YubiKey 5) and moved my private key there. I also installed another "security device" using OpenSC and through that I can see, that there is indeed my certificate on this smartcard. The problem is that when I first decrypt a mail with this key, remove the security key from USB and restart Thunderbird, I can now encrypt, decrypt and sign mails as if I had my smartcard in USB port. So the whole security idea goes completely away. I'm looking at my key4.db file, which looks like it contains still my private key, or at least traces of certificate (if I look inside using text editor). SQLite3 is also showing some inserts. I found out about certutil and tried to take a peek inside this key4.db, but it asks me for a password which I don't have. What am I doing wrong? What did I miss? How can I remove from Thunderbird all traces of this private key and force it to ask me for this smartcard?

Обране рішення

I think you need to remove cert9.db, and possibly the obsolete cert8.db, together with key4.db (and obsolete key3.db).

http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Thunderbird#Saved_passwords

http://kb.mozillazine.org/Files_and_folders_in_the_profile_-_Thunderbird

Читати цю відповідь у контексті 👍 0

Усі відповіді (2)

sfhowes
sfhowes
  • Top 10 Contributor
more options

Вибране рішення

I think you need to remove cert9.db, and possibly the obsolete cert8.db, together with key4.db (and obsolete key3.db).

http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Thunderbird#Saved_passwords

http://kb.mozillazine.org/Files_and_folders_in_the_profile_-_Thunderbird

Jacek Bilski
Jacek Bilski Власник питання
more options

OK, the method was a bit brutal, because, as expected, I had to enter all passwords to all accounts again, but now it does seem to finally work like expected.

Thanks