Eitzenberger Thomas wrote: > > Hold the horses :o) and thanx for the speedy reply/support > > A little line makes me suspicious about my success on importing my > private key: > > Beside the Help button in the Certificate Manager the line reads: > > "Certificates have not been validated with OCSP. Click View to do so" > > Clicking View yields: > > "Could not verify this certificate for unknown reasons." > > If it is helpful I could supply some details like (fingerprints for SHA1 > and MD5, ....) > or the OCSP settings (now using the Use OCSP to validate only > certificates that specify an OCSP Service URL)
If you think OCSP is the problem, turn it off completely. If that solves all your problems, then OCSP was the problem. Otherwise it wasn't. > Now do I have successfully imported my key or not ? At least it is shown > in the list of my private keys. > May this be the reason for not being able to send encrypted or signed > mails cause when I want to do so > mozilla complains about not having a private key for me in the system > and ask if it should show me the guide on how to install a key ? I wonder if there's a problem with the German translation of the mozilla dialogs. The english version doesn't talk about private keys. It talks about "personal certificates", IINM. Previously, you wrote: > >>Now I got my private key and imported it into Mozilla without any > >>problem. I can read any encrypted mail that I get from any siemens > >>employee. Ergo, you have a private key and it works. The problem seems to be with your personal certificate, not your private key. I suspect that mozilla finds something wrong with your certificate, thinking it is not suitable for email. Earlier you posted someone else's cert. Why don't you post your own cert here? As quoted above, you said you imported your private key, but you didn't say how you did it. You also didn't mention your own certificate. Please explain the steps you followed to import your private key and certificate. You also wrote: > >>One hint probably: I can not import any public key from anyone. It > >>silently ignores the import and does NOT show the other people in the > >>tabbed list box I'm going to guess here that you're using a windows PC, and you're attempting to import .cer or .der files with a file:// URL. Or perhaps you're downloading the certs from a server that sends them with the MIME type application/pkix-cert. Did I guess right? If I'm right, then you're actually importing them into Windows' cert store, not mozilla's. You must import them with the proper MIME content type for mozilla to recognize them. -- Nelson Bolyard Disclaimer: I speak for myself, not for Netscape
