Security/Security Bugs/EncryptedBugmail: Difference between revisions

Jump to navigation Jump to search

Security/Security Bugs/EncryptedBugmail (view source)

Revision as of 22:40, 16 March 2012

574 bytes added ,  16 March 2012
→‎5. How do I make a PGP/GPG public key or get an S/MIME certificate?
Line 55: Line 55:
PGP/GPG keys uploaded to Bugzilla must be ASCII-armoured (i.e. text, with the first line containing BEGIN PGP PUBLIC KEY) in order to work.
PGP/GPG keys uploaded to Bugzilla must be ASCII-armoured (i.e. text, with the first line containing BEGIN PGP PUBLIC KEY) in order to work.


You can obtain an S/MIME certificate from a number of providers. You can [https://www.startssl.com/?app=12 get a free one from StartCom] or [https://www.verisign.com/digital-id/index.html?tid=gnps pay Verisign] for one. Once you have it, [https://www.startssl.com/?app=25#52 export it from your browser] as a .p12 file and import it into your mail client. S/MIME Keys must be in PEM format - i.e. Base64-encoded text, with the first line containing BEGIN CERTIFICATE. In order to upload it to Bugzilla, you will need to convert the certificate to a .pem file.
You can obtain an S/MIME certificate from a number of providers. You can [https://www.startssl.com/?app=12 get a free one from StartCom] or [https://www.verisign.com/digital-id/index.html?tid=gnps pay Verisign] for one. Once you have it, [https://www.startssl.com/?app=25#52 export it from your browser] as a .p12 file and import it into your mail client. S/MIME Keys must be in PEM format - i.e. Base64-encoded text, with the first line containing BEGIN CERTIFICATE.  


If you have OpenSSL installed, one way is as follows:
In order to upload it to Bugzilla, you will need to convert the
certificate to the PEM format.


openssl pkcs12 -in certificate.p12 -out certificate.pem -nodes
If you have OpenSSL installed and want to use the command line, you can
extract your certificate from the .p12 file that you have exported:


The resulting .pem file is plain text and you can get your key out of it to be added to Bugzilla. '''Note: the .pem file has your private key in plaintext. Delete it once you have copied the public key out of it!'''
  openssl pkcs12 -in certificate.p12 -out certificate.pem -nokeys
 
The resulting .pem file may contain multiple certificates (your own
certificate and intermediate CA certificates). The first block should be
your own certificate, only copy and paste that block into the Bugzilla
form.
 
Another approach is to use Certificate Manager. To open it in Firefox or
Thunderbird, use menu command Edit, Preferences, Advanced, Encryption (or Certificates in Thunderbird), View certificates.
 
Now click the "My Certificates" tab, find your own certificate, click "View", click the "Details" tab, click "Export". Save using the suggested default file
format (X.509 Certificate PEM). The file will contain a single certificate, paste the file contents into the Bugzilla form.


=== 6. Where can I get more information on setting this up for my mail client? ===
=== 6. Where can I get more information on setting this up for my mail client? ===
Kaie
Confirmed users
563

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/408697"

Navigation menu