Eddy Nigg wrote:
Please file a bug. Trust is supposed to be independent of where the cert actually lives in. The current version NSS should be perfectly happy with the same certificate living in multiple locations.Ah yes, maybe I should...it's in my nature to work around such problems too many times. Basically if the CA certificates are imported into the card, than those CAs take preference by NSS (for whatever ever reason). Meaning, the builtin CA root isn't visible in the cert manager, but the one from the smart card is. Unfortunately, the trust bit sets only "web sites" to true. Editing the trust bits helps for the session, but it's obviously gone after restart. That's correct with Athena card reader and Aladdin eToken Pro Smart Card using Aladdin's middle ware and driver.
bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto