Cryptography Tutorials - Herong's Tutorial Examples - v5.42, by Herong Yang
Importing CA Certificate into Firefox
This section provides a tutorial example on how to import a CA certificate into Firefox in the 'Authorities' category.
After exporting certificates from Firefox, I want to test the certificate import function of Firefox. First I want to import my own self-signed certificate, herong.crt, generated in previous tutorials as a CA certificate into Firefox.
1. Repeat steps listed in the previous tutorial until you see the Certificate Manager dialog box.
2. Click the "Your Certificates" tab and click the "Import" button. The File Name to Restore dialog box shows up.
3. Change the selection in "Files of type" from "PKCS12 Files" to "All Files" and select "herong.crt".
4. Click the "Open" button. Surprisingly, the Password Entry Dialog box shows up with this message: "Please enter the password that was used to encrypt this certificate backup." Why Firefox is asking for password to import a certificate?
It looks like only certificates stored in PKCS12 format can be imported into the "Your Certificates" category. I need to select another category to do the import.
5. Click the "People" tab and click the "Import" button. The "Select File containing somebody's Email certificate to import" dialog box shows up.
6. Keep the select in "Files of type" as "Certificate Files" and select "herong.crt".
7. Click the "Open" button. Another surprise, an alert message shows up: "This certificate can't be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved."
By looking at those certificate category names, I think my CA certificate should be imported into "Authorities" category.
8. Click the "Authorities" tab and click the "Import" button. The "Select File containing Server certificate to import" dialog box shows up.
9. Keep the select in "Files of type" as "Certificate Files" and select "herong.crt".
10. Click the "Open" button. The "Downloading Certificate" dialog box shows up with these options:
You have been asked to trust a new Certificate Authority (CA). Do you want to trust "Herong Yang" for the following purposes? [ ] Trust this CA to identify Web sites. [ ] Trust this CA to identify email users. [ ] Trust this CA to identify software developers. Before trusting this CA for any purpose, you should examine its certificate and its policy and procedures (if available).
11. Check all checkboxes and click the OK button. My certificate will be imported into Firefox as a trusted CA certificate.
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
Java Default Implementation of DSA
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"
Using Certificates in Google Chrome
►Using Certificates in Firefox
Visiting an "https" Web Site with Firefox
Managing Certificates in Certificate Stores
Exporting Certificates Out of Firefox
OpenSSL Viewing Certificates Exported from Firefox
►Importing CA Certificate into Firefox