Hi, [I erroneously posted this message on netscape.public.mozilla.crypto before]
I have tried a number of things to make Thunderbird import a certificate and key, with no success. Originally it was in PKCS12 format, issued by my organization as my personal certificate. Whenever I try to import it, I get the error message "The certificate and private key already exist on the security device" (which was definitely not true - it even failed with an empty certificate db). The certificate was made for signing and came together with another certificate (made for encryption) with which I had no problems. In the same package, I also got two CA certs in pkcs12 format which I also imported happily. I then converted the certificate to PEM format with openssl. Trying to import the PEM cert with thunderbird generated no error message, but still the imported certificate showed up nowhere. certutil -L also didn't list it. Importing the cert into the db with certutil -i, however, worked as far as certutil itself was concerned (the cert showed up afterwards with certutil -L). But in the thunderbird certificate manager, the imported certificate still wouldn't show up, neither under "personal certificates" nor anywhere else. Looking at the certificates with "openssl x509" I found no indication of anything being wrong with it (but really judging that exceeds my level of expertise). The only noteworthy thing is that the certificate was originally generated for import with the CryptoEx Outlook plugin, and made for signing only: X509v3 extensions: X509v3 Key Usage: critical Digital Signature X509v3 Subject Alternative Name: email:[EMAIL PROTECTED] X509v3 Extended Key Usage: critical E-mail Protection, 1.3.6.1.4.1.311.10.3.12 I tried different thunderbird versions, latest was 1.5.0.8, with no difference. I tried to import these certificates with kmail (Ägypten), and everything worked fine there. I'd appreciate any suggestions. Thanks, Martin _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto