Re: My shy certificate

Wed, 09 Aug 2006 18:25:31 -0700 

Nelson B wrote:

So, assuming that you're the first of many future HP TPM users, please help
us to understand exactly how you got that private key in the first place.


With pleasure:


On a desktop PC, I opened Mozilla Firefox, and navigated to 
http://www.verisign.com.au/gatekeeper/individual.shtml. I clicked Buy 
Now, and followed the instructions presented to me. At a point in that 
process, I was informed that public and private keys had been created 
for me. Further, I was informed that, when I eventually received my 
certificate - it takes about a week - I would have to download and 
install it using the same machine with which I had registered.



I then took an inordinate number of identity evidence documents to the 
post office, had an interview, and submitted a form.



A week later, I received an e-mail with instructions on how to download 
my certificate. Again using my desktop PC, I downloaded the certificate 
- well two actually: one for signing, and one for encrypting - and 
installed it in Firefox. I don't remember the exact sequence of key 
presses, but I know that it had to be done from the same browser that I 
had used for registration.


I also downloaded the root certificate for GateKeeper.


I opened Firefox's Certificate Manager, highlighted one of the 
certificates, clicked Backup, entered a new file name, and clicked Save. 
Firefox required me to enter a password that would protect the new file. 
Firefox then informed me, "Successfully backed up your security 
certificate(s) and private key(s)."


I did the same with the other certificate.


I copied the two files to my notebook: the one with the TPM. I opened 
the Embedded Security Certificate Viewer, and clicked Import. I selected 
one of the backup .p12 files, and entered the password that I had used 
to protect it. The certificate was successfully imported, and showed up 
in the Certificate Viewer. I did the same with the other certificate 
file. The icons next to the imported certificates indicated that the 
private keys had been successfully imported.

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto























					Reply via email to