4.1. Using the Certificates on the Token for SSL

4.1. Using the Certificates on the Token for SSL

To use the certificate on the token for SSL in an application such as Mozilla Firefox:

  1. In Mozilla Firefox, open the Tools menu, choose Options, and then click Advanced.

  2. Add a PKCS #11 driver.

    NOTE

    Windows and Macs automatically attempt to load the PKCS #11 module to any Mozilla browsers they find.

    1. Click Manage Security Devices to open the Device Manager window, and then click the Load button.

    2. Enter a module name, such as token key pk11 driver.

    3. Click Browse, find the Enterprise Security Client PKCS #11 driver, and click OK.

  3. If the CA is not yet trusted, download and import the CA certificate.

    1. Open the SSL End Entity page on the CA. For example: 

      https://example.com:9443/ca/ee/ca

    2. Click the Retrieval tab, and then click Import CA Certificate Chain.

    3. Click Download the CA certificate chain in binary form and then click Submit.

    4. Choose a suitable directory to save the certificate chain, and then click OK.

    5. Click Edit > Preferences, and select the Advanced tab.

    6. Click the View Certificates button.

    7. Click Authorities, and import the CA certificate.

  4. Set the certificate trust relationships.

    1. Click Edit > Preferences, and select the Advanced tab.

    2. Click the View Certificates button.

    3. Click Edit, and set the trust for websites.

The certificates can be used for SSL.