gary.truong wrote:
Hi, I have a pkcs#12, sending from server to browser as binary with
[snip]
Running Mozilla on windows, Microsoft's "certificate import wizard" is
invoked to import the pkcs12 into windows certificate store but don't
want this.
That's a consequence of using a file name suffix known to Windows.
The question is : Using Mozilla browser, how can we import the pkcs12 into
Mozilla's cert store?
IINM, Mozilla does not presently support the one step download and
installation of PKCS12 files. That was intentional IIRC.
Use of downloaded PKCS12 files was (and is, IMO) thought to be poor
security practice for several reasons.
(notes: we can import the pkcs12 file to Mozilla's cert store, but the
question here is how to deal with the binary sending from the server).
The Content-disposition: attachment HTTP header should force the file
to be saved to disk. However, if you're also concerned with IE, see
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q279667
--
Nelson B
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
