Currently, when doing a P12 import, CMS calls the NSS P12 import functions, which import the leaf cert on the selected token, and all the other certs in the softoken. This gets in the way of portability of smartcards. PSM needs to call a new NSS function to import all the certs to the hardware token. See bug 142889.
Depends on: 142889
Summary: certificate manger needs to allow importing full p12 chain on a hardware token → certificate manager needs to allow importing full p12 chain on a hardware token
142889 was marked a duplicate of 142867. That bug is fixed in NSS 3.8
Depends on: 142867
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
I believe that I have confirmed that this bug is still alive in Firefox 1.0 Preview Release. I'm using a Schlumberger smartcard and the Litronics NetsignCAC PKCS#11 module. Accessing sites that require client certificates works fine in IE, but doesn't work in Firefox or Netscape 7.1. (Or rather, it works for some sites, but not others.) After I explicitly added the chaining certs as recognized CAs, then it the cert on the smartcard does work.
I don't think it's Firefox's role to implement this.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.