Grid Cert Import to Firefox or Thunderbird

Various client programs can use your grid certificate for establishing your identity to servers. Usually they want to import the certificate in PKCS12 format. Here is how to convert the .pem encoded files (as used by Globus) into PKCS12 format.

You will supply the password for your .pem encoded certificate to unlock it. You will then supply a new password that will be used to lock the PKCS12 formatted certificate. This second password will be supplied to your application when loading (or using) the certificate.

Assuming that I have the cert and key file in ~/.globus directory:

-bash-2.05b$ openssl pkcs12 -export -out cert.pkcs12 -in .globus/usercert.pem -inkey .globus/userkey.pem 
Enter pass phrase for .globus/userkey.pem:
Enter Export Password:
Verifying - Enter Export Password:

-bash-2.05b$ ls -l cert.pkcs12 
-rw-r--r--    1 rockwell rockwell     2549 Sep 18 17:48 cert.pkcs12

You can import this file into a web browser or other application.

Web Browser Test

Fermilab has a handy web page for testing the certificates in your browser http://security.fnal.gov/pki/browsercerttest.html

-- TomRockwell - 18 Sep 2006
Topic revision: r4 - 16 Oct 2009, TomRockwell
 

This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback