Andreas Semt wrote:
Hello,OK, I will answer myself:
I have done all the steps described in the "MuscleCard HOWTO
Chapter 5 - Mozilla" by Ludovic Rousseau. With Mozilla 1.0.1 I requested a free (e-mail X.509) certificate from Thawte. With muscleTool I can see a lot of objects generated by Thawte on the muscle card. However when I use Mozilla -> Preferences ... -> Privacy & Security -> Certificates -> Manage Certificates (then I have to give the PIN for the Muscle Token) to view the certificates, the Mozilla Certificate Manager shows no certificates at all! What does this mean?
What meanings have the object names on the muscle card (for example c0, c1, C0, C1, ...)? What relationship does the objects (c0 <-> C0 or c0 <-> c1, ...) on the token have to each other?
Can I watch the content of the objects from the muscle card? Therefore I have to export them and use openssl to get the object's content, right? Can anybody send me the openssl syntax for this specific command?
A LOT OF THANKS FOR HELP!
Fine, now I understand ... I have to use the Mozilla Certificate Manager to import the certificate from Thawte onto the card AFTER exported (and deleted it from the Security Device).
Here the steps (if anybody has the same problems ;-)
1. Go to (for example) to Thawte (http://www.thwate.com/) to get a free e-mail certificate.
2. Fill out the register forms (a lot of them!) and wait for a e-mail from Thawte.
3. Follow the instructions in the e-mail and open your Thawte account. Then request your free X.509 certificate FOR YOUR BROWSER (i.e. the Mozilla Security Device), because when I tried to get the certificates for the muscle token, the Mozilla Certificate Manager cannot use/see these certificates on the muscle card (perhaps this is a special problem in my case, who knows ;-)
4. Then you get two e-mails from Thawte. Follow the links in the mails to install the certificate FOR YOUR BROWSER.
5. Backup (means export) the certificate in the Mozilla Certificate Manager. Then delete the certificate from the Mozilla Security Device.
6. Import the backuped certificate in the Mozilla Certificate Manager. Choose the Muscle token for import!
7. Set the security stuff in the e-mail client of Mozilla.
8. Now try to send yourself (*for test purpose*) a signed (or encrypted or signed and encrypted ...) e-mail.
9. Recognize that this is impossible, because the FREE Thawte certificate is issued to "Thawte Freemail Member" (of course with the e-mail address from your certificate request)! The problem is (only in my case?) that you can only send a signed e-mail when you have the certificate from the recipient (-> the "Thawte Freemail Member", but your e-mail address) and from the sender (your e-mail address). I have only the certificate for "Thawte Freemail Member" (which has "my" mail address), but I have NO certificate for the recipient (me, also my mail adress -> the certificate is issued to the name "Thawte Freemail Member", not to _my_ name AND my mail address)! Is that funny, isn't it?
Can anybody say if I have (again) some problems to get the point or is that the FREE in the "get your FREE personal email certificate" from the Thawte homepage?
Greetings,
--
Andreas Semt ([EMAIL PROTECTED])
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.musclecard.com/mailman/listinfo/muscle
