Re: [Fed-Talk] Problem loading root certificates
Re: [Fed-Talk] Problem loading root certificates
- Subject: Re: [Fed-Talk] Problem loading root certificates
- From: Shawn Geddis <email@hidden>
- Date: Tue, 4 Jan 2005 11:07:18 -0500
On Jan 4, 2005, at 7:41 AM, Daniel Clark wrote:
I've been rebuilding one of our Macs (a G4 867 MHz), and was in the
process of re-CaCifying when I ran into a strange problem. I went to
DISA to load the certs into Mozilla
(http://dodpki.c3pki.chamb.disa.mil/dodcacerts.cac and
http://dodpki.c3pki.chamb.disa.mil/dodroot.cac), but only got two
subordinate CA certs instead of the whole list. I can't remember which
ones, and my notes aren't with me right now.
Dan,
You are not the first and unfortunately not the last to experience this
problem. It would appear that the format of the posting of certs at
the above noted URLs has changed and is causing problems for many users
using _any_ of the browsers. I have helped several users by providing
either a fully populated Cert database (cert8.db) as you noted as well
as individual Trusted Root Certs for their importing into the desired
browsers.
As a side note:
Remember that on Mac OS X, for applications that properly leverage the
built in Credential Services, are accessing the X509Anchors &
X509Certificates where these DoD Trusted Root and Intermediate Certs
are already installed. I know this does not help you with your above
stated problem, but want you all to be aware.
I am working on this... :)
-Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Computer - US Federal Government
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden