6.4. Using the Certificates on Tokens for Mail Clients
- In Mozilla Thunderbird, open themenu, choose , and then click .
- Open thetab.
- Add a PKCS #11 driver.
- Click Device Manager window.to open the
- Click thebutton.
- Enter the module name, such as
token keypk11 driver
. - Click, find the Enterprise Security Client PKCS #11 driver, and click . The PKCS #11 module used by these applications, by default, is located in
/usr/lib/libcoolkeypk11.so
.
- If the CA is not yet trusted, download and import the CA certificate.
- Open the SSL End Entity page on the CA. For example:
http
s
://server.example.com:9444/ca/ee/ca/
- Click the Retrieval tab, and then click Import CA Certificate Chain.
- Click Download the CA certificate chain in binary form and then click .
- Choose a suitable directory to save the certificate chain, and then click.
- In Mozilla Thunderbird, open themenu, choose , and then click .
- Open thetab, and click the button.
- Click thetab, and import the CA certificate.
- Set up the certificate trust relationships.
- In Mozilla Thunderbird, open themenu, choose , and then click .
- Open thetab, and click the button.
- In the Authorities tab, select the CA, and click the button.
- Set the trust settings for identifying websites and mail users.
- In the Digital Signing section of the Security panel, click to choose a certificate to use for signing messages.
- In the Encryption of the Security panel, click to choose the certificate to encrypt and decrypt messages.