I am currently using mozilla v1.4 and I am not suceeding in using SSL connection with client authentication. My personal certificates are stored in PCKS#11 smart card.
Mozilla seems to access correctly the certificates stored on the card, but the SSL connection is not open and I receive an error 12221, but the server is correctly set up to accept the certificate.
According to http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html#1042974
error code -12221 (all SSL error codes are negative numbers) means
"SSL was unable to extract the public key from the peer's certificate."
In other words, the SSL code in the browser wasn't able to extract a valid public key from the server's certificate.
This is somehow curious, because the good old Netscape Navigator 4.7/4.8 worked very well!
Mozilla detects some certificate errors that N4.x did not detect, and understands many certificates that N4.x could not.
Maybe the server changed its certificate recently?
Anyone out there with similar problem?
Can't help more than that without the URL of the offending server.
