Re: [Fed-Talk] Two different PIV certificates on CAC?
Re: [Fed-Talk] Two different PIV certificates on CAC?
- Subject: Re: [Fed-Talk] Two different PIV certificates on CAC?
- From: "Disiena, Ridley (MSFC-IS90)[EAST2]" <email@hidden>
- Date: Tue, 11 Sep 2018 16:44:17 +0000
- Dkim-filter: OpenDKIM Filter v2.11.0 ndmsvnpf101.ndc.nasa.gov 32FA9400CD02
- Thread-topic: [Fed-Talk] Two different PIV certificates on CAC?
Just FYI in case you have not seen it. Firefox has a newish setting called
“security.enterprise_roots.enabled”. It pulls in CA certs from CAPI on Windows.
As of version 63 it is said to pull CA certs from keychains on macOS, however
it does not look like it will make it to the ESR release until 68, currently
slated for July 2019.
Here is the bug info: https://bugzilla.mozilla.org/show_bug.cgi?id=1300420
-Ridley
On 9/11/18, 12:33 PM, "Fed-talk on behalf of Ken Hornstein"
<fed-talk-bounces+ridley.disiena=email@hidden on behalf of
email@hidden> wrote:
It actually works with Firefox now, at least for me. I need to do some
internal cleanup and I'd like to make it so it will expose CA certificates
that are located in the Keychain, so you don't need to add certificates to
Firefox and other applications (CACKey has the certificiates it exposes
compiled into it and that doesn't seem so robust to me). Hopefully the
first
"real" beta release will be an actual installable package.
--Ken
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden