Avatar for Username

Mozilla Destek’te Ara

Destek dolandırıcılığından kaçının. Mozilla sizden asla bir telefon numarasını aramanızı, mesaj göndermenizi veya kişisel bilgilerinizi paylaşmanızı istemez. Şüpheli durumları “Kötüye kullanım bildir” seçeneğini kullanarak bildirebilirsiniz.

Learn More

Bu başlık arşivlendi. Yardıma ihtiyacınız varsa lütfen yeni bir soru sorun.

Setting default client certificate for site, using certutil

  • 2 yanıt
  • 1 kişi bu sorunu yaşıyor
  • 1 gösterim
  • Son yanıtı yazan: cor-el

Fairyyyy
Fairyyyy
more options

I"m trying to use the certutil, to basically change the default client certificate, for the sitr authorization. This of course can be done using firefox "advanced" menu, but i want to write a simple bat. So i looked up there is -t option

p prohibited (explicitly distrusted) P Trusted peer c Valid CA T Trusted CA to issue client certificates (implies c) C Trusted CA to issue server certificates (SSL only) (implies c) u Certificate can be used for authentication or signing w Send warning (use with other attributes to include a warning when the certificate is used in that context)

So which is the way to make firefox to trust the choosen client certificate by default? Also this option is for cert file, but is there a way to modify a cert that is already imported to cert8.db? Is it even possible with certutils?

I"m trying to use the certutil, to basically change the default client certificate, for the sitr authorization. This of course can be done using firefox "advanced" menu, but i want to write a simple bat. So i looked up there is -t option p prohibited (explicitly distrusted) P Trusted peer c Valid CA T Trusted CA to issue client certificates (implies c) C Trusted CA to issue server certificates (SSL only) (implies c) u Certificate can be used for authentication or signing w Send warning (use with other attributes to include a warning when the certificate is used in that context) So which is the way to make firefox to trust the choosen client certificate by default? Also this option is for cert file, but is there a way to modify a cert that is already imported to cert8.db? Is it even possible with certutils?

Tüm Yanıtlar (2)

guigs
guigs
more options

The only way to modify a cert that has already been imported is to remove it and add the new one. However you may still run into this issue if it does not comply with the certificate restrictions NSS 3.19-> if this is a recent issue you can review the changes that were made: here

There was a change in CA certs that might be causing this issue: https://www.mozilla.org/en-US/about/g.../policy/ Disabling it would make it less secure, but to disable it, the config is called mozilla:pix.

Other references:

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

See also: