Hong Kong Post e-Certificate + Thunderbird Users
You may follow the step-by-step instructions to accomplish the task with/without reading the explanation.
In Thunderbird
1. Tools -> Options -> Advanced -> View Certificates -> Your Certificates
2. Click Import
3. Browse your e-certificate in Floppy or any location you are stored at
(always make backup of your data!)
4. Click Open -> A Password Entry Dialog will be prompted for your certificate.
(password is come with your cert.)
5. Click ok after inputting password and Certificate will appear in "Your Certficates" and "Authorities"
6. Point to check:
In "Your Certificates", if you click View, you will see "Could not verify this certificate for unknown reasons."This is because your certificates is not yet setup to allow for any purpose yet.
To setup your certificate, go to "Authorities Tab", select "Hongkong Post e-Cert CA1" and click Edit, turn on "This Certificate can identify mail users". Go back to "Your Certificates" Tab and View your certificate.
You will see that your certificate is now verified similar to the figure on the left.7. now, if you want to create your self-signed certificate.
You may need Firefox + Key Manager Add-on
(IE seems to be able to do the task but this tutorial is not tested and covered.)
8. Once you installed Firefox and Key Manager. Go to Tools -> Key Manager Tool Box -> Key Manager(Version ###)
9. If your certificate is not yet installed for Firefox. You may install it first. The step and method
is 100% same as Thunderbird.
10. Select your certificate in "Your Keys" tab and click "Generate Self-Signed Cert" button.
(Please note that you will have to generate twice to get the certificate to work with Thunderbird. Explanation will be done later.)
11.
In "X.509V3 Standard Extensions" Tab, turn on "Is CA?"
In "X.509V3 Netscape Extensions" Tab, turn on "S/MIME CA"In "X.509V1 Certificate Attributes" Tab, you may change the email address and so on.
(it is recommended to use default email for your first trial)
***If you have "Generate Self-Signed Certificate" before. It maybe error because serial no is same. You may resolve by clicking "Auto Generate" when you generate the certificate. Or you may delete previous certificates.
Then, click "Generate Self-Signed Cert" button.
12. Once you Generate a certifcate, it will be renamed to "Hongkong Post e-Cert (Personal)".
But do not export the certificate at the moment.
13. Now, Select the just-generated certificate to "Generate Self-Signed Cert" again.
14. Select the 2nd time generated certificate and Export -> X509 -> Base64
("Include Issuer Cert Chain" is optional, if you click this on, the new certificate will appear in Thunderbird's "Your Certificates".)
15. Now Import the generated certificate into Thunderbird "Authorities" Tab. Once it is imported. Find the certificate in the list, select it and then click View to see the details. Bingo!
It is Verified. And you may send the certificate for your friends or anyone you would like to use encrypted email. You may also create as many certificate as you might needed.
<<
http://kb.mozillazine.org/Installing_an_SMIME_certificate
-----------------------------------------------------------------------------------------------------------------------------------
Legal Disclaimer:
THIS BLOG IS PROVIDED ON AN "AS IS" BASIS, AND NO GUARANTEES OR WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY EXPRESS WARRANTIES OR IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE OR PURPOSE, PERFORMANCE, INFORMATIONAL CONTENT, ACCURACY, OR SYSTEM INTEGRATION, ARE MADE WITH RESPECT TO THIS BLOG, INCLUDING THE INFORMATION CONTAINED ON THIS BLOG. IN NO EVENT SHALL BDMETRICS BE LIABLE FOR ANY DAMAGES WHATSOEVER, INCLUDING, WITHOUT LIMITATION, DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, OR DAMAGES FOR LOST PROFITS, LOSS OF REVENUE OR LOSS OF USE, ARISING OUT OF YOUR USE OF THIS BLOG, EVEN IF BDMETRICS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
