Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Signing Certificae of my DSC is not showing under 'Your Cerificate' link and only encryption is shown.

  • 8 个回答
  • 5 人有此问题
  • 53 次查看
  • 最后回复者为 mphasis_20

more options

I have a DSC(digital signature certificate) USB token, with both "Encryption" & "Signing" certificates downloaded into it. Both the certificates are visible in my USB Token's middleware. While viewing the certificate under 'Advanced->View Certificates' and under the "your certificate" tab, I can only see my "Encryption Certificate". Why is my UBUNTU system not fetching both the certificates.

The issue is observed with below operating systems- 1. UBUNTU 12.04 LTS Edition 32-Bit 2. MAC OS 10.8.4

However, the same DSC Token is working fine on my windows machine i.e both the certificates are visible under the CertMgr-> Personal tab.

Also, just to describe more, the DSC from the same CA and token vendor is working on some UBUNTU systems too.

I have a DSC(digital signature certificate) USB token, with both "Encryption" & "Signing" certificates downloaded into it. Both the certificates are visible in my USB Token's middleware. While viewing the certificate under 'Advanced->View Certificates' and under the "your certificate" tab, I can only see my "Encryption Certificate". Why is my UBUNTU system not fetching both the certificates. The issue is observed with below operating systems- 1. UBUNTU 12.04 LTS Edition 32-Bit 2. MAC OS 10.8.4 However, the same DSC Token is working fine on my windows machine i.e both the certificates are visible under the CertMgr-> Personal tab. Also, just to describe more, the DSC from the same CA and token vendor is working on some UBUNTU systems too.

被采纳的解决方案

Is your USB Token device listed as a Security Device in Firefox?

定位到答案原位置 👍 0

所有回复 (8)

more options

Unfortunately I think that this is one of the know issues: http://www.mozilla.org/en-US/firefox/.../releasenotes/ that a patch is being reviewed for at the moment.

I am not an expert but does it also show up in the cert db?

more options

I am unable to find "cert db" under my linux environment. Please specify where can I find that. And can any customization be done at end-user level to fix it.

more options

选择的解决方案

Is your USB Token device listed as a Security Device in Firefox?

more options

Yes. To do the same, manual importing of the library file was required, which completed and now the device can be seen under the security devices. But for the certificates to be re-used through browser, it should be under "Your Certificates". However, of the two certificates only "Encryption" is visible under the "your certificates" tab under "view certificates" link. Where as the 'Signing certificate' is visible under 'People' tab. Can there be any workaround to move the signing certificate to 'Your Certificate' tab too.

more options

... the 'Signing certificate' is visible under 'People' tab.

Why is that a problem?

more options

Because to make the certificate usable in various applications it should be under "Personal" or "your Certificate" tab.

more options

Can you give an example?

more options

Signing certificate visible under "People" tab means its not properly bounded with its associated private key. There are CKA_ID and CKA_LABEL components referred by P11 interface. Each object --> certificate template and its associated private key have these values (CKA_ID and CKA_LABEL) which are generated based upon the parameters assigned to the certificate at the time of its generation by CA. Please note that the values of these components for both certificate template and its associated private key should match. If they match,they are well shown under my certificates store and if not they will be shown under "people" store.

In short. you have to approach CA again and provide them above reason and get new certificate generated for you free of cost.