105751 – certificate validation fails if certificates are only on the chip card

Issue 105751 - certificate validation fails if certificates are only on the chip card

Summary: certificate validation fails if certificates are only on the chip card

Status:	ACCEPTED

Alias:	None

Product:	xml
Classification:	Code
Component:	code (show other issues)
Version:	DEV300m60
Hardware:	All Linux, all

Importance:	P3 Trivial (vote)
Target Milestone:	4.x
Assignee:	AOO issues mailing list
QA Contact:

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-10-09 07:55 UTC by joachim.lingner
Modified:	2013-01-29 21:46 UTC (History)
CC List:	2 users (show)

See Also:
Issue Type:	DEFECT
Latest Confirmation in:	---
Developer Difficulty:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description joachim.lingner 2009-10-09 07:55:49 UTC

... that is, the necessary certificates for building the certification path are
not completey in the certificate database of the mozilla profile. A typical
scenario is, that the chip card contains the private key and the certificate of
the user as well as the complete chain. 

When the user starts OOo and loads a signed document, then the validation fails.
Only when the user has entered the PIN for the card the validation is
successful. However, the user is not automatically requested to enter the PIN.
Only when one adds a signature (pressing the "Add" button in the signature
dialog), then one can enter the PIN. One can then press cancel to abort the
signature operation and reload the document. 

A certificate can only be valid if the user sets the trust settings of the root
certificate (which is on the chip card) to trusted. This is done in the
preferences dialog of mozilla/firefox.

Comment 1 joachim.lingner 2009-10-09 07:57:44 UTC

Comment 2 joachim.lingner 2010-02-09 10:00:17 UTC

Retargeted to 3.x