Bug 236942 - Patch 4 - Clean up code and add style with helpFileLayout.css in help files. Patch by Stefan <stefan_h@hem.utfors.se>. r=rlk@trfenv.com

This commit is contained in:
rlk%trfenv.com 2004-04-30 19:03:32 +00:00
parent 598f923098
commit 06770c98c3
8 changed files with 361 additions and 248 deletions

View File

@ -25,7 +25,7 @@ en-US.jar:
locale/en-US/help/mail_sec_help.xhtml (locale/en-US/mail_sec_help.xhtml)
locale/en-US/help/composer_help.html (locale/en-US/composer_help.html)
locale/en-US/help/customize_help.html (locale/en-US/customize_help.html)
locale/en-US/help/certs_help.html (locale/en-US/certs_help.html)
locale/en-US/help/certs_help.xhtml (locale/en-US/certs_help.xhtml)
locale/en-US/help/cert_dialog_help.xhtml (locale/en-US/cert_dialog_help.xhtml)
locale/en-US/help/certs_prefs_help.xhtml (locale/en-US/certs_prefs_help.xhtml)
locale/en-US/help/cs_nav_prefs_advanced.html (locale/en-US/cs_nav_prefs_advanced.html)

View File

@ -1,298 +1,411 @@
<html>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" [
<!ENTITY % brandDTD SYSTEM "chrome://global/locale/brand.dtd" >
%brandDTD;
]>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Certificate Manager</title>
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
<link rel="stylesheet" href="chrome://help/locale/helpFileLayout.css"
type="text/css"></link>
</head>
<body>
<a NAME="certs_first"></a>
<div class="boilerplate">This document is provided by Mozilla for your information only. It may help you take certain steps to protect the privacy and security of your personal information on the Internet. This document does not, however, address all online privacy and security issues, nor does it represent a recommendation by Mozilla about what constitutes adequate privacy and security protection on the Internet.</div>
<hr>
<h1>Certificate Manager</h1>
<div class="boilerPlate">This document is provided by &brandShortName; for your
information only. It may help you take certain steps to protect the privacy and
security of your personal information on the Internet. This document does not,
however, address all online privacy and security issues, nor does it represent
a recommendation by &brandShortName; about what constitutes adequate privacy and
security protection on the Internet.</div>
<p>This section describes how to use the Certificate Manager. For more information on using certificates, see <a href="using_certs_help.html">Using Certificates</a>.
<h1 id="certificate_manager">Certificate Manager</h1>
<p>If you are not currently viewing the Certificate Manager window, follow these steps:
<p>This section describes how to use the Certificate Manager. For more
information on using certificates, see <a href="using_certs_help.html">Using
Certificates</a>.</p>
<p>If you are not currently viewing the Certificate Manager window, follow
these steps:</p>
<ol>
<li>Open the Edit menu (Mozilla menu on Mac OS X) and choose Preferences.
<li>Under the Privacy &amp; Security category, click Certificates. (If no subcategories are visible, double-click Privacy &amp; Security to expand the list.)
<li>Click Manage Certificates.
<li>Open the Edit menu (&brandShortName; menu on Mac OS X) and choose Preferences.</li>
<li>Under the Privacy &amp; Security category, click Certificates. (If no
subcategories are visible, double-click Privacy &amp; Security to expand the
list.)</li>
<li>Click Manage Certificates.</li>
</ol>
<p><table summary="list of headings" cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
<tr>
<td class="inthissection">
<p>In this section:</p>
<p><a href="#My_Certificates">Your Certificates</a></p>
<p><a href="#Other_Peoples_Certificates">Other People's Certificates</a></p>
<p><a href="#Web_Site_Certificates">Web Site Certificates</a></p>
<p><a href="#CA_Certificates">Authorities</a></p>
</td>
</tr>
</table>
<p>&nbsp;</p>
<hr>
<a NAME="back_up_certificatesSDX"></a>
<a NAME="backup_certificatesSDX"></a>
<a NAME="import_certificatesSDX"></a>
<a NAME="import_certificatesIDX"></a>
<a NAME="backing_up_certificatesIDX"></a>
<a NAME="certificates:backups_ofIDX"></a>
<a NAME="certificates:importing_your_ownIDX"></a>
<a NAME="smart_card_backupsSDX"></a>
<a NAME="smart_cards:backupsSDX"></a>
<a NAME="My_Certificates"></a><h2>Your Certificates</h2>
<p>The Your Certificates tab in the <A href="#certs_first">Certificate Manager</a> displays the certificates on file that identify you. Your certificates are listed under the names of the organizations that issued them:
<div class="contentsBox">In this section:
<ul>
<li>If you can't see certificate names under an organization's name, double-click the name.
<li>To select a certificate, click its name.
<li>To select more than one certificate, hold down the Control key and click their names.
<li><a href="#your_certificates">Your Certificates</a></li>
<li><a href="#other_peoples_certificates">Other People's Certificates</a></li>
<li><a href="#web_site_certificates">Web Site Certificates</a></li>
<li><a href="#authorities">Authorities</a></li>
</ul>
<p>To perform the following actions, select one or more certificates and click one of the following buttons:
<UL>
<LI><b>View:</b> Display detailed information about the selected certificates.</LI>
<LI><b>Backup:</b> Initiate the process of saving the selected certificates. A window appears that allows you to choose a password to protect the backup. You can then save the backup in a directory of your choice.</LI>
<LI><b>Delete:</b> Delete the selected certificates.</LI>
</UL>
</div>
<P>These actions do not require a certificate to be selected:</P>
<UL>
<h2 id="your_certificates">Your Certificates</h2>
<LI><b>Import:</b> Import a file containing one or more certificates that were previously backed up. When you click Import, Certificate Manager first asks you to locate the file that contains the backup. The names of certificate backup files typically end in <tt>.p12</tt>; for example, <tt>MyCert.p12</tt>. After you select the file to be imported, Certificate Manager asks you to enter the password that you set when you backed up the certificate.</LI>
<LI><b>Backup All:</b> Initiate the process of saving all the certificates stored in the <a href="glossary.xhtml#software_security_device">Software Security Device</a>.
<p><b>Note: Certificates on smart cards cannot be backed up.</b> Whether you select some of your certificates and click Backup, or click Backup All, the resulting backup file will not include any certificates stored on smart cards or other external security devices. You can only back up certificates that are stored on the built-in Software Security Device.
</UL>
<p>&nbsp;</p>
<hr><a NAME="Choose_a_Certificate_Backup_Password"></a>
<H3>Choose a Certificate Backup Password</H3>
<P>A certificate backup password protects one or more certificates that you are backing up from the <a href="#My_Certificates">Your Certificates</a> tab in the Certificate Manager.
<p>The Certificate Manager asks you to set this password when you back up certificates, and requests it when you attempt to import certificates that have previously been backed up.</P>
<p>The Your Certificates tab in the <a href="#certificate_manager">Certificate
Manager</a> displays the certificates on file that identify you. Your
certificates are listed under the names of the organizations that issued
them:</p>
<ul>
<li><b>Certificate backup password:</b> Type your backup password into this field.
<li><b>Certificate backup password (again):</b> Type your backup password again. If you don't type it the second time exactly as you did the first time, the OK button remains inactive. If this happens, try typing the new password again.
<li>If you can't see certificate names under an organization's name,
double-click the name.</li>
<li>To select a certificate, click its name.</li>
<li>To select more than one certificate, hold down the Control key and click
their names.</li>
</ul>
<p>If someone obtains the file containing a certificate that you have backed up and successfully imports the certificate, that person can send messages or access web sites while pretending to be you. This can be a problem, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet.
<p>Therefore, it's important to select a certificate backup password that is difficult to guess. The <b>password quality meter</b> gives you a rough idea of the quality of your password as you type it based on factors such as length and the use of uppercase letters, lowercase letters, numbers, and symbols. It does not guarantee that your password cannot be guessed, however.
<p>For further guidelines, see the online document <a href="http://home.netscape.com/security/basics/passwords.html" TARGET="_blank">Choosing a Good Password</a>.
<p>It's also important to record the password in a safe place&mdash;and not anywhere that's easily accessible to someone else. If you forget this password, you can't import the backup of your certificate.</p>
<p>&nbsp;</p>
<hr><a NAME="Delete_My_Certificate"></a>
<h3>Delete Your Certificates</h3>
<P>Before deleting one of your own expired certificates from the <a href="#My_Certificates">Your Certificates</a> tab in the Certificate Manager, make sure you won't need it again some day for reading old email messages that you may have encrypted with the corresponding private key.
</P>
<p>&nbsp;</p>
<hr><a NAME="Other_Peoples_Certificates"></a>
<h2>Other People's Certificates</h2>
<p>The Other People's tab in the <A href="#certs_first">Certificate Manager</a> displays email certificates you have on file that identify other people.
<p>When people send you digitally signed email messages, Certificate Manager imports their certificates automatically. You can use these certificates to send encrypted messages to those people.
<p>Other people's certificates are listed under the names of the organizations that issued them:
<p>To perform the following actions, select one or more certificates and click
one of the following buttons:</p>
<ul>
<li>If you can't see certificate names under an organization's name, double-click the name.
<li>To select a certificate, click its name.
<li>To select more than one certificate, hold down the Control key and click their names.
<li><strong>View:</strong> Display detailed information about the selected
certificates.</li>
<li><strong>Backup:</strong> Initiate the process of saving the selected
certificates. A window appears that allows you to choose a password to
protect the backup. You can then save the backup in a directory of your
choice.</li>
<li><strong>Delete:</strong> Delete the selected certificates.</li>
</ul>
<p>To perform the following actions, select one or more certificatesand click one of the following buttons:
<p>These actions do not require a certificate to be selected:</p>
<ul>
<li><b>View:</b> Display detailed information about the selected certificates.
<li><strong>Import:</strong> Import a file containing one or more certificates
that were previously backed up. When you click Import, Certificate Manager
first asks you to locate the file that contains the backup. The names of
certificate backup files typically end in <tt>.p12</tt>; for example,
<tt>MyCert.p12</tt>. After you select the file to be imported, Certificate
Manager asks you to enter the password that you set when you backed up the
certificate.</li>
<li><b>Delete:</b> Delete the selected certificates.
<li><strong>Backup All:</strong> Initiate the process of saving all the
certificates stored in the
<a href="glossary.xhtml#software_security_device">Software Security
Device</a>.
<p><strong>Note: Certificates on smart cards cannot be backed up.</strong>
Whether you select some of your certificates and click Backup, or click
Backup All, the resulting backup file will not include any certificates
stored on smart cards or other external security devices. You can only back
up certificates that are stored on the built-in Software Security Device.</p>
</li>
</ul>
<h3 id="choose_a_certificate_backup_password">Choose a Certificate Backup
Password</h3>
<p>&nbsp;</p>
<hr><a NAME="Delete_Email_Certificate"></a>
<h3>Delete Email Certificates</h3>
<p>A certificate backup password protects one or more certificates that you are
backing up from the <a href="#your_certificates">Your Certificates</a> tab in
the Certificate Manager.</p>
<p>Before deleting someone else's certificate from the <a href="#Other_Peoples_Certificates">Other People's</a> tab in the Certificate Manager, make sure you won't need it again some day to send encrypted email to that person or to verify digital signatures on messages from that person.
<p>&nbsp;</p>
<hr><a NAME="Web_Site_Certificates"></a>
<h2>Web Site Certificates</h2>
<p>The Web Sites tab in the Certificate Manager displays certificates you have on file that identify web sites.
<p>Web site certificates are grouped under the names of the organizations that issued them:
<p>The Certificate Manager asks you to set this password when you back up
certificates, and requests it when you attempt to import certificates that
have previously been backed up.</p>
<ul>
<li>If you can't see certificate names under an organization's name, double-click the name.
<li>To select a certificate, click its name.
<li>To select more than one certificate, hold down the Control key and click their names.
<li><strong>Certificate backup password:</strong> Type your backup password
into this field.</li>
<li><strong>Certificate backup password (again):</strong> Type your backup
password again. If you don't type it the second time exactly as you did the
first time, the OK button remains inactive. If this happens, try typing the
new password again.</li>
</ul>
<p>If someone obtains the file containing a certificate that you have backed up
and successfully imports the certificate, that person can send messages or
access web sites while pretending to be you. This can be a problem, for
example, if you digitally sign important email messages or manage your bank
or investment accounts over the Internet.</p>
<p>Therefore, it's important to select a certificate backup password that is
difficult to guess. The <strong>password quality meter</strong> gives you a
rough idea of the quality of your password as you type it based on factors
such as length and the use of uppercase letters, lowercase letters, numbers,
and symbols. It does not guarantee that your password cannot be guessed,
however.</p>
<p>To perform the following actions, select one or more certificates and click one of the following buttons:
<p>For further guidelines, see the online document
<a href="http://home.netscape.com/security/basics/passwords.html"
target="_blank">Choosing a Good Password</a>.</p>
<p>It's also important to record the password in a safe place&mdash;and not
anywhere that's easily accessible to someone else. If you forget this
password, you can't import the backup of your certificate.</p>
<h3 id="delete_your_certificates">Delete Your Certificates</h3>
<p>Before deleting one of your own expired certificates from the
<a href="#your_certificates">Your Certificates</a> tab in the Certificate
Manager, make sure you won't need it again some day for reading old email
messages that you may have encrypted with the corresponding private key.</p>
<h2 id="other_peoples_certificates">Other People's Certificates</h2>
<p>The Other People's tab in the <a href="#certificate_manager">Certificate
Manager</a> displays email certificates you have on file that identify other
people.</p>
<p>When people send you digitally signed email messages, Certificate Manager
imports their certificates automatically. You can use these certificates to
send encrypted messages to those people.</p>
<p>Other people's certificates are listed under the names of the organizations
that issued them:</p>
<ul>
<li><b>View:</b> Display detailed information about the selected certificates.
<li><b>Edit:</b> View or change the trust settings that Certificate Manager associates with the selected certificates. You can use these settings to designate a web site certificate as one that you trust or don't trust for identification purposes.
<li><b>Delete:</b> Delete the selected certificates.
<li>If you can't see certificate names under an organization's name,
double-click the name.</li>
<li>To select a certificate, click its name.</li>
<li>To select more than one certificate, hold down the Control key and click
their names.</li>
</ul>
<p>&nbsp;</p>
<hr><a NAME="Edit_Web_Site_Certificate_Settings"></a>
<h3>Edit Web Site Certificate Trust Settings</h3>
<p>When you select a web site certificate from the <A href="#Web_Site_Certificates">Web Sites</a> tab in the Certificate Manager and click Edit, you see a window entitled &quot;Edit web site certificate trust settings.&quot;
Here you specify whether you want to trust the selected certificate for identifying the web site and setting up an encrypted connection.<p>
<p>The dialog box contains these elements:
<p>To perform the following actions, select one or more certificates and click
one of the following buttons:</p>
<ul>
<li><strong>View:</strong> Display detailed information about the selected
certificates.</li>
<li><strong>Delete:</strong> Delete the selected certificates.</li>
</ul>
<li><b>The certificate &quot;<i>name of certificate</i>&quot; was issued by:</b> Provides information about the <a href="glossary.xhtml#certificate_authority">certificate authority</a> that issued this certificate.
<h3 id="delete_email_certificates">Delete Email Certificates</h3>
<li><b>Edit certificate trust settings:</b></li>
<p>Before deleting someone else's certificate from the
<a href="#other_peoples_certificates">Other People's</a> tab in the
Certificate Manager, make sure you won't need it again some day to send
encrypted email to that person or to verify digital signatures on messages
from that person.</p>
<h2 id="web_site_certificates">Web Site Certificates</h2>
<p>The Web Sites tab in the Certificate Manager displays certificates you have
on file that identify web sites.</p>
<p>Web site certificates are grouped under the names of the organizations that
issued them:</p>
<ul>
<li><b>Trust the authenticity of this certificate:</b> If you select this option, Certificate Manager will henceforth trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this option and then attempt to visit the web site, your browser will access the site with few, if any, warnings.
<li><b>Do not trust the authenticity of this certificate:</b> If you select this option, Certificate Manager will no longer trust this certificate for the purposes of identifying this web site or setting up an encrypted connection. If you select this option and then attempt to visit the web site, you will see one or more warning messages before you can access the site.
</ul>
<li><b>Edit CA Trust:</b> Click this button to specify trust settings for the certificate authority (CA) that issued the web site certificate. These settings allow you to trust or not to trust different kinds of certificates issued by that certificate authority. For example, you can choose to trust all web site certificates issued by the authority.
<li>If you can't see certificate names under an organization's name,
double-click the name.</li>
<li>To select a certificate, click its name.</li>
<li>To select more than one certificate, hold down the Control key and click
their names.</li>
</ul>
<p>Click OK to confirm your choice.
<p>&nbsp;</p>
<hr><a NAME="Delete_Web_Site_Certificate"></a>
<h3>Delete Web Site Certificates</h3>
<p>Before deleting a web site certificate from the <a href="#Web_Site_Certificates">Web Sites</a> tab in the Certificate Manager, make sure that you won't need it again for the purposes of identifying a web site and setting up an encrypted connection.
<p>&nbsp;</p>
<hr><a NAME="importing_a_certificate_chainSDX"></a>
<a NAME="importing_intermediate_CA_certificatesSDX"></a>
<a NAME="certificates:importing_chained_CAIDX"></a>
<a NAME="certificates:intermediate_CAIDX"></a>
<a NAME="CA_Certificates"></a>
<h2>Authorities</h2>
<p>The Authorities tab in the <A href="#certs_first">Certificate Manager</a> displays the certificates you have on file that identify <a href="glossary.xhtml#certificate_authority">certificate authorities (CAs)</a>.
<p>CA certificates are grouped under the names of the organizations that issued them:
<p>To perform the following actions, select one or more certificates and click
one of the following buttons:</p>
<ul>
<li>If you can't see CA certificate names under an organization's name, double-click the name.
<li>To select a CA certificate, click its name.
<li>To select more than one CA certificate, hold down the Control key and click their names.
<li><strong>View:</strong> Display detailed information about the selected
certificates.</li>
<li><strong>Edit:</strong> View or change the trust settings that Certificate
Manager associates with the selected certificates. You can use these settings
to designate a web site certificate as one that you trust or don't trust for
identification purposes.</li>
<li><strong>Delete:</strong> Delete the selected certificates.</li>
</ul>
<h3 id="edit_web_site_certificate_trust_settings">Edit Web Site Certificate
Trust Settings</h3>
<p>When you select a web site certificate from the
<a href="#web_site_certificates">Web Sites</a> tab in the Certificate Manager
and click Edit, you see a window entitled &quot;Edit web site certificate trust
settings&quot;. Here you specify whether you want to trust the selected
certificate for identifying the web site and setting up an encrypted
connection.</p>
<p>The dialog box contains these elements:</p>
<p>To perform these actions, select the certificates on which you want to act and click one of these buttons:
<ul>
<li><b>View:</b> Display detailed information about the selected certificates.
<li><b>Edit:</b> View or change the settings that Certificate Manager associates with the selected certificates. You can use these settings to designate what kinds of certificates, if any, you trust that are issued by the corresponding CAs.
<li><b>Delete:</b> Delete the selected certificates.
<li><strong>The certificate &quot;<i>name of certificate</i>&quot; was
issued by:</strong> Provides information about the
<a href="glossary.xhtml#certificate_authority">certificate authority</a> that
issued this certificate.</li>
<li><strong>Edit certificate trust settings:</strong>
<ul>
<li><strong>Trust the authenticity of this certificate:</strong> If you
select this option, Certificate Manager will henceforth trust this
certificate for the purposes of identifying this web site or setting up an
encrypted connection. If you select this option and then attempt to visit
the web site, your browser will access the site with few, if any,
warnings.</li>
<li><strong>Do not trust the authenticity of this certificate:</strong>
If you select this option, Certificate Manager will no longer trust this
certificate for the purposes of identifying this web site or setting up an
encrypted connection. If you select this option and then attempt to visit
the web site, you will see one or more warning messages before you can
access the site.</li>
</ul>
</li>
<li><strong>Edit CA Trust:</strong> Click this button to specify trust settings
for the certificate authority (CA) that issued the web site certificate.
These settings allow you to trust or not to trust different kinds of
certificates issued by that certificate authority. For example, you can
choose to trust all web site certificates issued by the authority.</li>
</ul>
<p>To ensure that an entire <a href="glossary.xhtml#certificate_chain">certificate chain</a> of CAs are all trusted, you need to edit the root CA certifiate only.
<p>Click OK to confirm your choice.</p>
<p>To import the chain, you click a link on a web page provided by the CA. You can then use the authorities tab to locate the root certificate and edit its trust settings.
<h3 id="delete_web_site_certificates">Delete Web Site Certificates</h3>
<p>The root and intermediate CAs all appear under the same organization. The root certificate is the one that lists itself as the the issuer.
<p>Before deleting a web site certificate from the
<a href="#web_site_certificates">Web Sites</a> tab in the Certificate
Manager, make sure that you won't need it again for the purposes of
identifying a web site and setting up an encrypted connection.</p>
<p><b>If you download an intermediate CA:</b> If you download an intermediate CA certificate that chains to a root certificate already marked as trusted in your browser, you don't have to indicate what purposes you trust it for. Intermediate certificates automatically inherit the trust settings of their roots.
<h2 id="authorities">Authorities</h2>
<p>The Authorities tab in the <a href="#certificate_manager">Certificate
Manager</a> displays the certificates you have on file that identify
<a href="glossary.xhtml#certificate_authority">certificate authorities
(CAs)</a>.</p>
<p>&nbsp;</p><hr><a NAME="Edit_CA_Certificate_Settings"></a>
<h3>Edit CA Certificate Trust Settings</h3>
<p>CA certificates are grouped under the names of the organizations that issued
them:</p>
<p>When you select a CA certificate from the <A href="#CA_Certificates">Authorities</a> tab in the Certificate Manager and click Edit, you see a window entitled "Edit CA certificate trust settings." Here you specify the kinds of certificates you trust this CA to certify. If you deselect all the checkboxes, Certificate Manager will not trust any certificates issued by this CA.
<p>The settings have these effects:
<ul>
<li><b>This certificate can identify web sites:</b> Certificate Manager will trust certificates issued by this CA for the purpose of identifying web sites and encrypting web site connections. If you deselect this checkbox, Certificate Manager will not trust web site certificates issued by this CA.
<li><b>This certificate can identify mail users:</b> Certificate Manager will trust certificates issued by this CA for the purpose of signing or encrypting email. If you deselect this checkbox, Certificate Manager will not trust email certificates issued by this CA.
<li><b>This certificate can identify software makers:</b> Certificate Manager will trust certificates issued by this CA for the purpose of identifying software makers. If you deselect this checkbox, Certificate Manager will not trust such certificates issued by this CA.
<li>If you can't see CA certificate names under an organization's name,
double-click the name.</li>
<li>To select a CA certificate, click its name.</li>
<li>To select more than one CA certificate, hold down the Control key and click
their names.</li>
</ul>
<p>Click OK to confirm the settings you have selected.
<p>To perform these actions, select the certificates on which you want to act
and click one of these buttons:</p>
<p>&nbsp;</p>
<hr><a NAME="Delete_CA_Certificate"></a>
<h3>Delete CA Certificates</h3>
<ul>
<li><strong>View:</strong> Display detailed information about the selected
certificates.</li>
<li><strong>Edit:</strong> View or change the settings that Certificate Manager
associates with the selected certificates. You can use these settings to
designate what kinds of certificates, if any, you trust that are issued by
the corresponding CAs.</li>
<li><strong>Delete:</strong> Delete the selected certificates.</li>
</ul>
<p>Before deleting a CA certificate from the <A href="#CA_Certificates">Authorities</a> tab in the Certificate Manager, make sure that you won't need it again to validate certificates issued by that CA. If you delete the only valid certificate you have for a CA, Certificate Manager will no longer trust any certificates issued by that CA.
<p>To ensure that an entire
<a href="glossary.xhtml#certificate_chain">certificate chain</a> of CAs are
all trusted, you need to edit the root CA certifiate only.</p>
<p>&nbsp;</p>
<hr><a NAME="Device_Manager:options"></a>
<a NAME="Security_Devices"></a>
<h1>Device Manager</h1>
<p>To import the chain, you click a link on a web page provided by the CA. You
can then use the authorities tab to locate the root certificate and edit its
trust settings.</p>
<p>This section describes the options available in the Device Manager window. For background information and step-by-step instructions on the use of the Device Manager, see <a href="using_certs_help.html#using_certs_devices">Manage Smart Cards and Other Security Devices</a>.
<p>The root and intermediate CAs all appear under the same organization. The
root certificate is the one that lists itself as the the issuer.</p>
<P>If you are not currently viewing the Device Manager window, follow these steps:
<p><strong>If you download an intermediate CA:</strong> If you download an
intermediate CA certificate that chains to a root certificate already marked
as trusted in your browser, you don't have to indicate what purposes you
trust it for. Intermediate certificates automatically inherit the trust
settings of their roots.</p>
<h3 id="edit_ca_certificate_trust_settings">Edit CA Certificate Trust
Settings</h3>
<p>When you select a CA certificate from the
<a href="#authorities">Authorities</a> tab in the Certificate Manager and
click Edit, you see a window entitled &quot;Edit CA certificate trust
settings&quot;. Here you specify the kinds of certificates you trust this CA
to certify. If you deselect all the checkboxes, Certificate Manager will not
trust any certificates issued by this CA.</p>
<p>The settings have these effects:</p>
<ul>
<li><strong>This certificate can identify web sites:</strong> Certificate
Manager will trust certificates issued by this CA for the purpose of
identifying web sites and encrypting web site connections. If you deselect
this checkbox, Certificate Manager will not trust web site certificates
issued by this CA.</li>
<li><strong>This certificate can identify mail users:</strong> Certificate
Manager will trust certificates issued by this CA for the purpose of signing
or encrypting email. If you deselect this checkbox, Certificate Manager will
not trust email certificates issued by this CA.</li>
<li><strong>This certificate can identify software makers:</strong> Certificate
Manager will trust certificates issued by this CA for the purpose of
identifying software makers. If you deselect this checkbox, Certificate
Manager will not trust such certificates issued by this CA.</li>
</ul>
<p>Click OK to confirm the settings you have selected.</p>
<h3 id="delete_ca_certificates">Delete CA Certificates</h3>
<p>Before deleting a CA certificate from the
<a href="#authorities">Authorities</a> tab in the Certificate Manager,
make sure that you won't need it again to validate certificates issued by
that CA. If you delete the only valid certificate you have for a CA,
Certificate Manager will no longer trust any certificates issued by that
CA.</p>
<h2 id="device_manager">Device Manager</h2>
<p>This section describes the options available in the Device Manager window.
For background information and step-by-step instructions on the use of the
Device Manager, see
<a href="using_certs_help.html#using_certs_devices">Manage Smart Cards and
Other Security Devices</a>.</p>
<p>If you are not currently viewing the Device Manager window, follow these
steps:</p>
<ol>
<li>Open the Edit menu (Mozilla menu on Mac OS X) and choose Preferences.
<li>Under the Privacy &amp; Security category, click Certificates. (If no subcategories are visible, double-click Privacy &amp; Security to expand the list.)
<li>In the Certificates panel, click Manage Security Devices.
<li>Open the Edit menu (&brandShortName; menu on Mac OS X) and choose Preferences.</li>
<li>Under the Privacy &amp; Security category, click Certificates. (If no
subcategories are visible, double-click Privacy &amp; Security to expand the
list.)</li>
<li>In the Certificates panel, click Manage Security Devices.</li>
</ol>
<p>The Device Manager lists each available PKCS #11 module, and the security devices managed by each module below the module's name.
<p>The Device Manager lists each available PKCS #11 module, and the security
devices managed by each module below the module's name.</p>
<p>When you select a module or device, information about the selected item appears in the middle of the window, and some of the buttons on the right side of the window become available. In general, you perform an action on a module or device by selecting its name and clicking the appropriate button:
<p>When you select a module or device, information about the selected item
appears in the middle of the window, and some of the buttons on the right
side of the window become available. In general, you perform an action on a
module or device by selecting its name and clicking the appropriate
button:</p>
<ul>
<li><b>Log In:</b> Log into the selected security device. After you have logged in to the device, the frequency with which you will be asked to enter the master password for the device depends on the <a href="passwords_help.html#Master_Password">Master Password Timeout</a> settings.
<li><b>Log Out:</b> Log out of the selected security device. After you have logged out of the device, the device and the certificates it contains will not be available until you log in again.
<li><b>Change Password:</b> Change the master password for the selected security device.
<li><b>Load:</b> Displays a dialog box that allows you to specify the name and location of a new PKCS #11 module. Before adding a new module, you should first install the module software on your computer and if necessary connect any associated hardware device. Follow the instructions provided by the vendor.
<li><b>Unload:</b> Unload the selected module. If you unload a module, both the module and its security devices are no longer available for use by the browser.
<li><b>Enable FIPS:</b> Turns the FIPS mode on and off. For more information, see <a href="using_certs_help.html#using_certs_devices_fips">Enable FIPS Mode</a>.
<li><strong>Log In:</strong> Log into the selected security device. After you
have logged in to the device, the frequency with which you will be asked to
enter the master password for the device depends on the
<a href="passwords_help.html#Master_Password">Master Password Timeout</a>
settings.</li>
<li><strong>Log Out:</strong> Log out of the selected security device. After
you have logged out of the device, the device and the certificates it
contains will not be available until you log in again.</li>
<li><strong>Change Password:</strong> Change the master password for the
selected security device.</li>
<li><strong>Load:</strong> Displays a dialog box that allows you to specify the
name and location of a new PKCS #11 module. Before adding a new module, you
should first install the module software on your computer and if necessary
connect any associated hardware device. Follow the instructions provided by
the vendor.</li>
<li><strong>Unload:</strong> Unload the selected module. If you unload a
module, both the module and its security devices are no longer available for
use by the browser.</li>
<li><strong>Enable FIPS:</strong> Turns the FIPS mode on and off. For more
information, see
<a href="using_certs_help.html#using_certs_devices_fips">Enable FIPS
Mode</a>.</li>
</ul>
<p>Copyright &copy; 2003-2004 The Mozilla Foundation.</p>
</body>
</html>
</html>

View File

@ -23,8 +23,8 @@
<div class="contentsBox">In this section:
<ul>
<li><a href="#privacy_and_security_preferences_certificates">Certificate Preferences</a></li>
<li><a href="certs_help.html">Certificate Manager</a></li>
<li><a href="certs_help.html#Security_Devices">Device Manager</a></li>
<li><a href="certs_help.xhtml">Certificate Manager</a></li>
<li><a href="certs_help.xhtml#device_manager">Device Manager</a></li>
<li><a href="cert_dialog_help.xhtml">Certificate Information and Decisions</a></li>
</ul>
</div>

View File

@ -97,7 +97,7 @@
<rdf:Seq><rdf:li>
<rdf:Description ID="backing_up_certificates"
nc:name="backing up certificates"
nc:link="certs_help.html#backing_up_certificatesIDX"/>
nc:link="certs_help.xhtml#your_certificates"/>
</rdf:li>
<rdf:li>
<rdf:Description ID="bookmarks"
@ -774,7 +774,7 @@
<rdf:li>
<rdf:Description ID="import_certificates"
nc:name="import certificates"
nc:link="certs_help.html#import_certificatesIDX"/>
nc:link="certs_help.xhtml#your_certificates"/>
</rdf:li>
<rdf:li>
<rdf:Description ID="intermediate_server_CA_certificates"

View File

@ -1044,8 +1044,8 @@
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="certs_prefs" nc:name="Certificate Preferences" nc:link="chrome://help/locale/certs_prefs_help.xhtml#privacy_and_security_preferences_certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="certs-help" nc:name="Certificate Manager" nc:link="chrome://help/locale/certs_help.html"/> </rdf:li>
<rdf:li><rdf:Description ID="sec_devices" nc:name="Device Manager" nc:link="chrome://help/locale/certs_help.html#Security_Devices"/> </rdf:li>
<rdf:li><rdf:Description ID="certs-help" nc:name="Certificate Manager" nc:link="chrome://help/locale/certs_help.xhtml"/> </rdf:li>
<rdf:li><rdf:Description ID="sec_devices" nc:name="Device Manager" nc:link="chrome://help/locale/certs_help.xhtml#device_manager"/> </rdf:li>
<rdf:li><rdf:Description ID="cert-dialog-help" nc:name="Certificate Information and Decisions" nc:link="chrome://help/locale/cert_dialog_help.xhtml"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
@ -1056,10 +1056,10 @@
<rdf:Description about="#certs-help">
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="my_certs" nc:name="Your Certificates" nc:link="chrome://help/locale/certs_help.html#My_Certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="others_certs" nc:name="Other People's Certificates" nc:link="chrome://help/locale/certs_help.html#Other_Peoples_Certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="web_certs" nc:name="Web Site Certificates" nc:link="chrome://help/locale/certs_help.html#Web_Site_Certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="ca_certs" nc:name="Authorities" nc:link="chrome://help/locale/certs_help.html#CA_Certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="my_certs" nc:name="Your Certificates" nc:link="chrome://help/locale/certs_help.xhtml#your_certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="others_certs" nc:name="Other People's Certificates" nc:link="chrome://help/locale/certs_help.xhtml#other_peoples_certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="web_certs" nc:name="Web Site Certificates" nc:link="chrome://help/locale/certs_help.xhtml#web_site_certificates"/> </rdf:li>
<rdf:li><rdf:Description ID="ca_certs" nc:name="Authorities" nc:link="chrome://help/locale/certs_help.xhtml#authorities"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
@ -1068,8 +1068,8 @@
<rdf:Description about="#my_certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="cert_backup_pwd" nc:name="Choose a Certificate Backup Password" nc:link="chrome://help/locale/certs_help.html#Choose_a_Certificate_Backup_Password"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_my_certs" nc:name="Delete Your Certificate" nc:link="chrome://help/locale/certs_help.html#Delete_My_Certificate"/> </rdf:li>
<rdf:li><rdf:Description ID="cert_backup_pwd" nc:name="Choose a Certificate Backup Password" nc:link="chrome://help/locale/certs_help.xhtml#choose_a_certificate_backup_password"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_my_certs" nc:name="Delete Your Certificate" nc:link="chrome://help/locale/certs_help.xhtml#delete_your_certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
@ -1077,7 +1077,7 @@
<rdf:Description about="#others_certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="delete_email_certs" nc:name="Delete Email Certificates" nc:link="chrome://help/locale/certs_help.html#Delete_Email_Certificate"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_email_certs" nc:name="Delete Email Certificates" nc:link="chrome://help/locale/certs_help.xhtml#delete_email_certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
@ -1085,8 +1085,8 @@
<rdf:Description about="#web_certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="edit_web_certs" nc:name="Edit Web Site Certificate Settings" nc:link="chrome://help/locale/certs_help.html#Edit_Web_Site_Certificate_Settings"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_web_certs" nc:name="Delete Web Site Certificate" nc:link="chrome://help/locale/certs_help.html#Delete_Web_Site_Certificate"/> </rdf:li>
<rdf:li><rdf:Description ID="edit_web_certs" nc:name="Edit Web Site Certificate Settings" nc:link="chrome://help/locale/certs_help.xhtml#edit_web_site_certificate_trust_settings"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_web_certs" nc:name="Delete Web Site Certificate" nc:link="chrome://help/locale/certs_help.xhtml#delete_web_site_certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>
@ -1094,8 +1094,8 @@
<rdf:Description about="#ca_certs">
<nc:subheadings>
<rdf:Seq>
<rdf:li><rdf:Description ID="edit_ca_certs" nc:name="Edit CA Certificate Settings" nc:link="chrome://help/locale/certs_help.html#Edit_CA_Certificate_Settings"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_ca_certs" nc:name="Delete CA Certificate" nc:link="chrome://help/locale/certs_help.html#Delete_CA_Certificate"/> </rdf:li>
<rdf:li><rdf:Description ID="edit_ca_certs" nc:name="Edit CA Certificate Settings" nc:link="chrome://help/locale/certs_help.xhtml#edit_ca_certificate_trust_settings"/> </rdf:li>
<rdf:li><rdf:Description ID="delete_ca_certs" nc:name="Delete CA Certificate" nc:link="chrome://help/locale/certs_help.xhtml#delete_ca_certificates"/> </rdf:li>
</rdf:Seq>
</nc:subheadings>
</rdf:Description>

View File

@ -128,7 +128,7 @@
digitally signed message.</p>
<p>When you receive such a message, the person's certificate is automatically
stored by the <a href="certs_help.html">Certificate Manager</a>, which is the
stored by the <a href="certs_help.xhtml">Certificate Manager</a>, which is the
part of the browser that keeps track of certificates. This is useful because
you need to have a certificate for each recipient of any email message that
you want to send in encrypted form.</p>
@ -415,7 +415,7 @@
signature is no longer valid.</p>
<p>If the signature is invalid because of a problem with a certificate's trust
settings, you can use the <a href="certs_help.html">Certificate Manager</a>
settings, you can use the <a href="certs_help.xhtml">Certificate Manager</a>
to view or edit those settings.</p>
<li><strong>View Signature Certificate.</strong> If the message is signed,
@ -430,7 +430,7 @@
message) is not available on your computer, the private key required to
decrypt the message cannot be retrieved. The only solution is to import a
backup copy of your certificate and its private key (see
<a href="certs_help.html#My_Certificates">Your Certificates</a> for
<a href="certs_help.xhtml#your_certificates">Your Certificates</a> for
details.) If you don't have access to a backup certificate, you will not be
able to decrypt the message.</li>
</ul></li>

View File

@ -58,7 +58,7 @@
<p>When you first obtain a certificate, you may be prompted to back it up. If you haven't yet created a master password, you will be asked to create one.
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.xhtml#your_certificates">Your Certificates</a>.
<p>
@ -149,7 +149,7 @@
<p><b>Certificates on smart cards cannot be backed up.</b> Whether you select some of your certificates and click Backup, or click Backup All, the resulting backup file will not include any certificates stored on smart cards or other external security devices. You can only back up certificates that are stored on the built-in Software Security Device.
<p>For more details about any of these tasks, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
<p>For more details about any of these tasks, see <a href="certs_help.xhtml#your_certificates">Your Certificates</a>.
<p>
@ -170,7 +170,7 @@
<p>To perform an action on one or more certificates, click the entry for the certificate (or Control-click to select more than one), then click the View or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
<p>For more details, see <a href="certs_help.html#Other_Peoples_Certificates">Other People&apos;s Certificates</a>.
<p>For more details, see <a href="certs_help.xhtml#other_peoples_certificates">Other People&apos;s Certificates</a>.
<p>
@ -193,7 +193,7 @@
<p>The Edit button allows you to specify whether your browser will trust the selected web site certificates in the future.
<p>For more details, see <a href="certs_help.html#Web_Site_Certificates">Web Site Certificates</a>.
<p>For more details, see <a href="certs_help.xhtml#web_site_certificates">Web Site Certificates</a>.
@ -215,7 +215,7 @@
<p>The Edit button allows you to view and control the trust settings for each certificate. Trust settings for a CA certificate let you to specify which kinds of certificates issued by that CA you are willing to trust.
<p>For more details, see <a href="certs_help.html#CA_Certificates">Authorities</a>.
<p>For more details, see <a href="certs_help.xhtml#authorities">Authorities</a>.
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of section</A>&nbsp;]
@ -307,7 +307,7 @@
<p>You can perform these actions on most security devices. However, you cannot perform them on the Builtin Object Token or Generic Crypto Services, which are special devices that must normally be available at all times.
<p>For more details, see <a href="certs_help.html#Security_Devices">Device Manager</a>.
<p>For more details, see <a href="certs_help.xhtml#device_manager">Device Manager</a>.
<p>

View File

@ -59,7 +59,7 @@
<p>When you first obtain a certificate, you may be prompted to back it up. If you haven't yet created a master password, you will be asked to create one.
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
<p>For detailed information about backing up a certificate and setting your master password, see <a href="certs_help.xhtml#your_certificates">Your Certificates</a>.
<p>
@ -150,7 +150,7 @@
<p><b>Certificates on smart cards cannot be backed up.</b> Whether you select some of your certificates and click Backup, or click Backup All, the resulting backup file will not include any certificates stored on smart cards or other external security devices. You can only back up certificates that are stored on the built-in Software Security Device.
<p>For more details about any of these tasks, see <a href="certs_help.html#My_Certificates">Your Certificates</a>.
<p>For more details about any of these tasks, see <a href="certs_help.xhtml#your_certificates">Your Certificates</a>.
<p>
@ -171,7 +171,7 @@
<p>To perform an action on one or more certificates, click the entry for the certificate (or Control-click to select more than one), then click the View or Delete button. Each of these buttons brings up another window that allows you to perform the action. Click the Help button in any window to obtain more information about using that window.
<p>For more details, see <a href="certs_help.html#Other_Peoples_Certificates">Other People&apos;s Certificates</a>.
<p>For more details, see <a href="certs_help.xhtml#other_peoples_certificates">Other People&apos;s Certificates</a>.
<p>
@ -194,7 +194,7 @@
<p>The Edit button allows you to specify whether your browser will trust the selected web site certificates in the future.
<p>For more details, see <a href="certs_help.html#Web_Site_Certificates">Web Site Certificates</a>.
<p>For more details, see <a href="certs_help.xhtml#web_site_certificates">Web Site Certificates</a>.
@ -216,7 +216,7 @@
<p>The Edit button allows you to view and control the trust settings for each certificate. Trust settings for a CA certificate let you to specify which kinds of certificates issued by that CA you are willing to trust.
<p>For more details, see <a href="certs_help.html#CA_Certificates">Authorities</a>.
<p>For more details, see <a href="certs_help.xhtml#authorities">Authorities</a>.
<p>
[&nbsp;<A HREF="#using_certs_first">Return to beginning of section</A>&nbsp;]
@ -308,7 +308,7 @@
<p>You can perform these actions on most security devices. However, you cannot perform them on the Builtin Object Token or Generic Crypto Services, which are special devices that must normally be available at all times.
<p>For more details, see <a href="certs_help.html#Security_Devices">Device Manager</a>.
<p>For more details, see <a href="certs_help.xhtml#device_manager">Device Manager</a>.
<p>