Closed Bug 154251 Opened 23 years ago Closed 9 years ago

certificate manager needs to allow importing full p12 chain on a hardware token

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
Other Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: julien.pierre, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [kerh-coz])

Currently, when doing a P12 import, CMS calls the NSS P12 import functions, which import the leaf cert on the selected token, and all the other certs in the softoken. This gets in the way of portability of smartcards. PSM needs to call a new NSS function to import all the certs to the hardware token. See bug 142889.
Depends on: 142889
Summary: certificate manger needs to allow importing full p12 chain on a hardware token → certificate manager needs to allow importing full p12 chain on a hardware token
Blocks: 154246
142889 was marked a duplicate of 142867. That bug is fixed in NSS 3.8
Depends on: 142867
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
I believe that I have confirmed that this bug is still alive in Firefox 1.0 Preview Release. I'm using a Schlumberger smartcard and the Litronics NetsignCAC PKCS#11 module. Accessing sites that require client certificates works fine in IE, but doesn't work in Firefox or Netscape 7.1. (Or rather, it works for some sites, but not others.) After I explicitly added the chaining certs as recognized CAs, then it the cert on the smartcard does work.
Product: PSM → Core
Whiteboard: [kerh-coz]
QA Contact: junruh → ui
I don't think it's Firefox's role to implement this.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.