Re: [Fed-Talk] CA11 Certificates Keychains and Entourage
Re: [Fed-Talk] CA11 Certificates Keychains and Entourage
- Subject: Re: [Fed-Talk] CA11 Certificates Keychains and Entourage
- From: "Timothy J. Miller" <email@hidden>
- Date: Mon, 17 Apr 2006 16:09:23 -0500
Brian Cadwell wrote:
I'm just in the process of doing all this. I managed to import the Root CA 2
into X509Anchors, but now I'm having trust issues. How do I get OS X to
bless this bad boy?
Trust issues in what way and in which app?
Frex, Keychain Access needs a relaunch when you add a new root to
X509Anchors; the UI elements don't get updated otherwise.
Some apps use their own certificate trust lists, even if they're
keychain-aware (there are more roots in X509Anchors than you probably
want to trust all the time); these lists will have to be edited.
Anything using NSS (Mozilla, Firefox, Thunderbird, etc) aren't
keychain-aware at all and need to have the roots added to their own cert
store.
PS - for those of you that go to GDS and see only the base64 version of the
new root. This is the command I used to decode it:
If you rename it .cer or .pem instead of .base64 it should launch
Keychain Access from Finder without recoding to DER format. Keychain
Access is already associated with those file extensions and it
understands both ASN.1 encodings.
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden