Last Comment Bug 840279 - please add -nokeys to the S/MIME export example
: please add -nokeys to the S/MIME export example
Status: RESOLVED FIXED
:
Product: bugzilla.mozilla.org
Classification: Other
Component: Extensions: SecureMail (show other bugs)
: Production
: x86_64 Windows 7
: -- normal (vote)
: ---
Assigned To: Gervase Markham [:gerv]
:
Mentors:
https://bugzilla.mozilla.org/page.cgi...
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-02-11 14:37 PST by Daniel Veditz [:dveditz]
Modified: 2013-02-12 06:57 PST (History)
4 users (show)
See Also:
Due Date:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Patch v.1 (2.05 KB, patch)
2013-02-12 01:34 PST, Gervase Markham [:gerv]
dveditz: review+
Details | Diff | Review

Description Daniel Veditz [:dveditz] 2013-02-11 14:37:24 PST
The SecureMail help page cautions people not to use the private key part of the exported PEM file, but it's safer if they don't even export that in the first place. Please change the example openssl command line to

   openssl pkcs12 -in certificate.p12 -out certificate.pem -nodes -nokeys

... that is, add the -nokeys argument.

Then you can drop the warnings about the .pem file containing the private key, it's safe to leave the file around at that point since it's all public data.
Comment 1 Daniel Veditz [:dveditz] 2013-02-11 14:38:43 PST
The page URL is  https://bugzilla.mozilla.org/page.cgi?id=securemail/help.html
(in case the URL field gets changed, plus easier to find in a comment sometimes).
Comment 2 Gervase Markham [:gerv] 2013-02-12 01:34:21 PST
Created attachment 712840 [details] [diff] [review]
Patch v.1

Good idea. Will this do?

Gerv
Comment 3 Daniel Veditz [:dveditz] 2013-02-12 02:16:55 PST
Comment on attachment 712840 [details] [diff] [review]
Patch v.1

that works, r=dveditz
Comment 4 Gervase Markham [:gerv] 2013-02-12 02:25:11 PST
Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/extensions/securemail/4.0/   
modified template/en/default/pages/securemail/help.html.tmpl
Committed revision 25

glob/dkl: can you pull this change into the relevant bmo branches?

Gerv
Comment 5 David Lawrence [:dkl] 2013-02-12 06:57:03 PST
Done

Committing to: bzr+ssh://dlawrence%40mozilla.com@bzr.mozilla.org/bmo/4.0             
modified extensions/SecureMail/template/en/default/pages/securemail/help.html.tmpl
Committed revision 8479

Committing to: bzr+ssh://dlawrence%40mozilla.com@bzr.mozilla.org/bmo/4.2             
modified extensions/SecureMail/template/en/default/pages/securemail/help.html.tmpl
Committed revision 8547

dkl

Note You need to log in before you can comment on or make changes to this bug.