Nelson B wrote:
So, assuming that you're the first of many future HP TPM users, please help
us to understand exactly how you got that private key in the first place.
With pleasure:
On a desktop PC, I opened Mozilla Firefox, and navigated to
http://www.verisign.com.au/gatekeeper/individual.shtml. I clicked Buy
Now, and followed the instructions presented to me. At a point in that
process, I was informed that public and private keys had been created
for me. Further, I was informed that, when I eventually received my
certificate - it takes about a week - I would have to download and
install it using the same machine with which I had registered.
I then took an inordinate number of identity evidence documents to the
post office, had an interview, and submitted a form.
A week later, I received an e-mail with instructions on how to download
my certificate. Again using my desktop PC, I downloaded the certificate
- well two actually: one for signing, and one for encrypting - and
installed it in Firefox. I don't remember the exact sequence of key
presses, but I know that it had to be done from the same browser that I
had used for registration.
I also downloaded the root certificate for GateKeeper.
I opened Firefox's Certificate Manager, highlighted one of the
certificates, clicked Backup, entered a new file name, and clicked Save.
Firefox required me to enter a password that would protect the new file.
Firefox then informed me, "Successfully backed up your security
certificate(s) and private key(s)."
I did the same with the other certificate.
I copied the two files to my notebook: the one with the TPM. I opened
the Embedded Security Certificate Viewer, and clicked Import. I selected
one of the backup .p12 files, and entered the password that I had used
to protect it. The certificate was successfully imported, and showed up
in the Certificate Viewer. I did the same with the other certificate
file. The icons next to the imported certificates indicated that the
private keys had been successfully imported.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto