Red Hat Training
A Red Hat training course is available for Red Hat Enterprise Linux
6.4. Using the Certificates on Tokens for Mail Clients
- In Mozilla Thunderbird, open the Edit menu, choose Preferences, and then click Advanced.
- Open the Certificate tab.
- Add a PKCS #11 driver.
- Click Security Devices to open the Device Manager window.
- Click the Load button.
- Enter the module name, such as
token keypk11 driver
. - Click Browse, find the Enterprise Security Client PKCS #11 driver, and click OK. The PKCS #11 module used by these applications, by default, is located in
/usr/lib/libcoolkeypk11.so
.
- If the CA is not yet trusted, download and import the CA certificate.
- Open the SSL End Entity page on the CA. For example:
http
s
://server.example.com:9444/ca/ee/ca/
- Click the Retrieval tab, and then click Import CA Certificate Chain.
- Click Download the CA certificate chain in binary form and then click Submit.
- Choose a suitable directory to save the certificate chain, and then click OK.
- In Mozilla Thunderbird, open the Edit menu, choose Preferences, and then click Advanced.
- Open the Certificate tab, and click the View Certificates button.
- Click the Authorities tab, and import the CA certificate.
- Set up the certificate trust relationships.
- In Mozilla Thunderbird, open the Edit menu, choose Preferences, and then click Advanced.
- Open the Certificate tab, and click the View Certificates button.
- In the Authorities tab, select the CA, and click the Edit button.
- Set the trust settings for identifying websites and mail users.
- In the Digital Signing section of the Security panel, click Select to choose a certificate to use for signing messages.
- In the Encryption of the Security panel, click Select to choose the certificate to encrypt and decrypt messages.