6.3. Setting up Browsers to Support SSL for Tokens

  1. In Mozilla Firefox, open the Edit menu, choose Preferences, and then click Advanced.
  2. Open the Encryption tab.
  3. Add a PKCS #11 driver.
    1. Click Security Devices to open the Device Manager window, and then click the Load button.
    2. Enter a module name, such as token key pk11 driver.
    3. Click Browse, find the Enterprise Security Client PKCS #11 driver, and click OK. The PKCS #11 module used by these applications, by default, is located in /usr/lib/libcoolkeypk11.so.
  4. If the CA is not yet trusted, download and import the CA certificate.
    1. Open the SSL End Entity page on the CA. For example:
      https://server.example.com:9444/ca/ee/ca/
    2. Click the Retrieval tab, and then click Import CA Certificate Chain.
    3. Click Download the CA certificate chain in binary form and then click Submit.
    4. Choose a suitable directory to save the certificate chain, and then click OK.
    5. Click Edit > Preferences, and select the Advanced tab.
    6. Click the View Certificates button.
    7. Click Authorities, and import the CA certificate.
  5. Set the certificate trust relationships.
    1. Click Edit > Preferences, and select the Advanced tab.
    2. Click the View Certificates button.
    3. Click Edit, and set the trust for websites.
The certificates can be used for SSL.