Dave
Thank you for the detailed explanation. It all makes sense now.
You generated the key pair on a PC that didn't have the TPM chip.
So the private key couldn't have been generated in the TPM chip,
and when you generated it, mozilla (FF/TB/SM) didn't ask you which
device you wanted to use to g
Nelson B wrote:
So, assuming that you're the first of many future HP TPM users, please help
us to understand exactly how you got that private key in the first place.
With pleasure:
On a desktop PC, I opened Mozilla Firefox, and navigated to
http://www.verisign.com.au/gatekeeper/individual.sht
Wan-Teh Chang wrote:
Dave, do you need to enter a PIN or password to use
the private key stored in the TPM?
Yes, Thunderbird asks me for my password to the Embedded Security Chip,
presumably as part of its interaction with the TPM via PKCS#11.
___
d
"Wan-Teh Chang" wrote:
>This thread makes me want to buy a laptop or PC
>with a TPM to play with.
You will be even more interested buying into this when
the TPM is in your mobile phone and connects to the
PC (and NSS) through NFC/WLAN. The silicon
cost for the TPM is about 50cent according to v
Dave
One thing that isn't clear to me: how (with what program, by what exact steps)
did you originally generate your pair of keys and get your certificate?
I'm thinking now that perhaps you did it with some tool that did not use
your TPM, and consequently, the private key was never in the TPM.
Pe
This thread makes me want to buy a laptop or PC
with a TPM to play with. I'm glad that HP provides
a PKCS #11 library for the TPM.
Dave, do you need to enter a PIN or password to use
the private key stored in the TPM?
Wan-Teh
___
dev-tech-crypto maili
Dave Pinn wrote:
Is there a Mozilla utility with which I can attempt to import a
certificate *into* my PKCS#11 module?
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
If you are talk
Well, you are in luck, Dave - your foresight has worked in
your favor. You do have the Private Key; it is inside the
P12 file you created (I made the incorrect assumption that
the key was generated in the TCP chip and could not be
exported).
If you enrolled for the certificate using IE, then you
Arshad Noor wrote:
You may have been a little hasty, Dave.
It wouldn't be the first time, Arshad.
I suspect you've deleted the Private Key from the TCP chip.
Hmm. I think you may be right.
But if you did delete it from ProtectTools, where did you find a
certificate to import it into Thund
You may have been a little hasty, Dave. I suspect you've deleted
the Private Key from the TCP chip.
But if you did delete it from ProtectTools, where did you find a
certificate to import it into Thunderbird?
Thunderbird allows you to import a cert into its cert-store even
without a Private Key,
certutil is the standard Mozilla utility to do this; but
since certutil cannot see your certificate, you should
attempt to see if the certificate is in the Windows
certificate-store (it is more likely that the cert is
there than in the Mozilla cert-store).
Two ways of verifying this:
1) a) Selec
I am very excited to report that I managed to find a solution, although
why it worked remains a mystery.
I deleted my certificate from ProtectTools; I then imported it into
Thunderbird, selecting "Embedded Security Chip" as the token. Simple,
huh? Why didn't I try that earlier, I ask myself.
12 matches
Mail list logo