On 07/04/2009 08:28 AM, Nelson B Bolyard:
That's why I reason that the CA and user cert have to come from the same
source, either the software storage or the token. But mixing the stores
doesn't seem possible.
Except that I do that all the time.
True.
Actually, I haven't seen evidence of that, although you did claim that when
you imported the PKCS#12 file into the software token, that the missing CA
cert was then found present.
It's not a good idea to place the CA certificate on the token because
the trust bits may get confused. It's better to import the CA root into
the software store.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
