Closed Bug 139431 Opened 22 years ago Closed 22 years ago

Problems importing Certificate with chained CA-Cert included

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 136920

People

(Reporter: nplass, Assigned: ssaux)

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc1) Gecko/20020417
BuildID:    2002041711

First: I am not a Cert-export so maybe I got it all wrong...
You generade a cert with Openssl and the you use the PKCS12 option to export it
to a mozilla readable form, that is a .p12 file. The problem araises if you use
the -chain or -certfile switch to inculde the CA cert into your personal cert.
When you then import the .p12 file to Mozilla things go fine with "Your Cert"
but the CA-cert is not displayed. However when you then try to import the CA
cert as a .der-file via a Webinterface, Mozilla says "Certificate already
exists" and does not import. 
During all time the validity of "Your Cert" is false, as if the CA-cert was not
there.

Reproducible: Always
Steps to Reproduce:
# CA.sh -newreq
# CA.sh -sign
# openssl pkcs12 -export -certfile ./demoCA/cacert.pem  -in newcert.pem
-inkey newreq.pem -out MyCert.p12

Then import to Mozilla

Expected Results:  Import the CA-Cert properly, so it is shown under
"authroties" and "MyCert" is validated positive.
To PSM
Assignee: mstoltz → ssaux
Status: UNCONFIRMED → NEW
Component: Security: General → Client Library
Ever confirmed: true
Product: MailNews → PSM
Version: other → 2.0

*** This bug has been marked as a duplicate of 136920 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Verified.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.