Certificate Manager

This section describes how to use the Certificate Manager. For more general information on using certificates, see Using Certificates.

If you are not already viewing the Certificate Manager window, follow these steps:

  1. Open the Edit menu and choose Preferences.
  2. Under the Privacy & Security category, click Certificates. (If no subcategories are visible, double-click the category to expand the list.)
  3. Click Manage Certificates.

 

In this section:

Your Certificates

Web Site Certificates

Authorities

 

Your Certificates

The Your Certificates tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify you. To select a certificate, click its name. To select more than one certificate, hold down the Control key and click the names of those you want to select.

To perform these actions, select the certificates on which you want to act and click one of these buttons:

These actions do not require a certificate to be selected:

Return to beginning of Certificate Manager section ]

 

Choose a Certificate Backup Password

A certificate backup password protects one or more certificates that you are backing up using the Backup or Backup All button in the Your Certificates panel of the Certificate Manager.

The browser asks you to set a certificate backup password when you back up certificates, and requests it when you attempt to restore certificates that have previously been backed up.

Choose a good password: If someone obtains the file containing a certificate that you have backed up and successfully restores the certificate, that person can send messages or access web sites while pretending to be you. This can have negative consequences, for example, if you digitally sign important email messages or manage your bank or investment accounts over the Internet.

Therefore, it's important to select a certificate backup password that is difficult to guess. The password quality meter gives you a rough idea of the quality of your password as you type it based on factors such as length and the use of uppercase letters, lowercase letters, numbers, and symbols.

For further guidelines, see the online document Choosing a Good Password.

It's also important to record the password in a safe place—and not anywhere that's easily accessible to someone else. If you forget this password, you can't restore the backup of your certificate.

Return to beginning of Certificate Manager section ]

 

Delete Certificate

Before deleting one of your own expired certificates, make sure you won't need it again some day for reading old email messages that you may have encrypted with the corresponding private key.

Return to beginning of Certificate Manager section ]

 

Web Site Certificates

The Web Sites tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify web sites.

To perform these actions, select the certificates on which you want to act and click one of these buttons:

 

Edit Web Site Certificate Trust Settings

When you select a web site certificate and click Edit, you see a window entitled "Edit web site certificate trust settings." Here you specify whether you want to trust the selected certificate for identifying the web site and setting up an encrypted connection with it.

The radio buttons have the following effects:

To specify trust settings for the certificate authority (CA) that issued the web site certificate, click CA Trust. The CA trust settings allow you to trust or not to trust different kinds of certificates issued by that certificate authority. For example, you can choose to trust all web site certificates issued by that certificate authority.

Click OK to confirm your choice.

Return to beginning of Certificate Manager section ]

 

Delete Web Site Certificate

Before deleting a web site certificate, make sure that you won't need it again for the purposes of identifying a web site and setting up an encrypted connection.

Return to beginning of Certificate Manager section ]

 

Authorities

The Authorities tab in the Certificate Manager allows you to examine and work with the certificates you have on file that identify certificate authorities (CAs).

To perform these actions, select the certificates on which you want to act and click one of these buttons:

 

Edit CA Certificate Trust Settings

When you select a CA certificate and click Edit, you see a window entitled "Edit CA certificate trust settings." Here you specify the kinds of certificates you trust this CA to certify. If you deselect all the checkboxes, Certificate Manager will not trust any certificates issued by this CA.

The settings have these effects:

Click OK to confirm the settings you have selected.

Return to beginning of Certificate Manager section ]

 

Delete CA Certificate

Before deleting a CA certificate, make sure that you won't need it again to validate certificates issued by that CA. If you delete the only valid certificate you have for a CA, Certificate Manager will no longer trust any certificates issued by that CA.

Return to beginning of Certificate Manager section ]

 


Device Manager

This section describes the options available in the Device Manager window. For background information and step-by-step instructions on the use of the Device Manager, see Manage Smart Cards and Other Security Devices.

If you are not already viewing the Device Manager window, follow these steps:

  1. Open the Edit menu and choose Preferences.
  2. Under the Privacy & Security category, choose Certificates. (If no subcategories are visible, double-click the category to expand the list.)
  3. In the Certificates panel, click Manage Devices.

The Device Manager lists each available PKCS #11 module in boldface, and the security devices managed by each module below the module's name.

When you select a module or device, information about the selected item appears in the middle of the window, and some of the buttons on the right side of the window become available. In general, you perform an action on a module or device by selecting its name and clicking the appropriate button. For example:

To add a new module, click Load. Before adding a new module, you should first install the module software on your computer and if necessary connect any associated hardware device. Follow the instructions provided by the vendor.

The Enable FIPS button on the right side of the Device Manager allows you to turn the FIPS mode on and off. For more information, see Enable FIPS Mode.

Return to beginning of Device Manager section ]


9/06/2001

Copyright © 1994-2001 Netscape Communications Corporation.