Show Table of Contents
6.4. Using the Certificates on Tokens for Mail Clients
- In Mozilla Thunderbird, open the menu, choose , and then click .
- Open the tab.
- Add a PKCS #11 driver.
- Click to open the Device Manager window.
- Click the button.
- Enter the module name, such as
token keypk11 driver. - Click , find the Enterprise Security Client PKCS #11 driver, and click . The PKCS #11 module used by these applications, by default, is located in
/usr/lib/libcoolkeypk11.so.
- If the CA is not yet trusted, download and import the CA certificate.
- Open the SSL End Entity page on the CA. For example:
http
s://server.example.com:9444/ca/ee/ca/ - Click the Retrieval tab, and then click Import CA Certificate Chain.
- Click Download the CA certificate chain in binary form and then click .
- Choose a suitable directory to save the certificate chain, and then click .
- In Mozilla Thunderbird, open the menu, choose , and then click .
- Open the tab, and click the button.
- Click the tab, and import the CA certificate.
- Set up the certificate trust relationships.
- In Mozilla Thunderbird, open the menu, choose , and then click .
- Open the tab, and click the button.
- In the Authorities tab, select the CA, and click the button.
- Set the trust settings for identifying websites and mail users.
- In the Digital Signing section of the Security panel, click to choose a certificate to use for signing messages.
- In the Encryption of the Security panel, click to choose the certificate to encrypt and decrypt messages.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.