Hi Nuno, I'm cc'ing the developers list as well.
Mozilla has removed some crypto functions which OpenCA uses in Firefox 33: https://wiki.mozilla.org/SecurityEngineering/Removing_Proprietary_window.crypto_Functions As a replacement they propose the webcrypto API: http://html5.creation.net/webcrypto-api/ For signing certificates I'm using the ESR branch of Firefox as a workaround until we have an updated CA package. As far as I can see, for users the browser based requests are working with the latest Firefox as well, so only the CA/RA-operators need a special workaround at the moment. I'll try to look into this, but to be honest, I have no clue yet how much work this means and how much time I can find in the near future. Maybe someone else on the developers list has already done some work on this? best regards, Martin PS: I didn't verify my colleague's hint about Opera - I'm sorry if you wasted your time due to my previous post. On 11/06/2014 04:23 PM, Nuno Dias wrote: > Hi Martin, > > Yes, although is not a solution, Firefox 31 can sign the requests, in > Opera I can't even load a certificate :( > > Cheers, > Nuno > > On Thu, 2014-11-06 at 11:45 +0100, Martin Hecht wrote: >> Hi Nuno, >> >> I haven't a solution yet, but a workaround could be to use the Extended >> Support Release 31 of Firefox which still works with this signing >> procedure. It is available here: >> http://www.mozilla.org/en-US/firefox/organizations/all.html and >> presumably gets updates until summer 2015. >> >> Alternatively, a colleague just mentioned Opera 12 which works according >> to him... >> >> best regards, >> Martin >> >> On 11/05/2014 06:32 PM, Nuno Dias wrote: >>> Hi all, >>> >>> Since the last update of firefox (33) I can't sign certificates >>> requests, the openca version is 1.1.1, and I get this error in the >>> console of firefox >>> >>> "Netscape" signForm.js:4 >>> "crypto supported on firefox!" signForm.js:6 >>> TypeError: theWindow.crypto.signText is not a function signForm.js:54 >>> "Netscape" signForm.js:4 >>> "crypto supported on firefox!" >>> >>> I saw the code of the last version of openca (1.5.0) and the signForm.js >>> has the same call, anyone can advise a solution to this problem? >>> >>> Thanks, >>> Nuno -- Dr. Martin Hecht High Performance Computing Center Stuttgart (HLRS) Office 0.051, HPCN Production, IT-Security University of Stuttgart Nobelstraße 19, 70569 Stuttgart, Germany Tel: +49(0)711/685-65799 Fax: -55799 Mail: he...@hlrs.de Web: http://www.hlrs.de/people/hecht/ PGP Key Fingerprint: 41BB 33E9 7170 3864 D5B3 44AD 5490 010B 96C2 6E4A ------------------------------------------------------------------------------ _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
