I have installed jboss 5.1.0.GA and ejbca 4.0.10. I am using firefox 11.0 for accessing admin web. All applications are sitting on ubuntu12.
I have successfully created a browser certificate and installed it on Firefox. but when I go to view my certificates in Firefox the root CA name is "null1" - its not showing the correct name for the root CA. The root certificate is also not showing issuer details when I view certificate details.
Have you installed the superadmin.p12 certificate from the P12 subdirectory in Firefox?
Can you login to EJBCA using Firefox?
PrimeKey tech support
I guess the answer is yes on my questions.
Then you should be able to see the root, otherwise Firefox would complain.
I have done all of that and I can login to the web admin using the new certificate. But my problem is that when I go to firefox to view my CA is gives null1 for root CA name. Why is it not giving the correct root CA name? Do I need to activate/enable something in order to see correct CA name and details?
It is possible that your CA actually is null1! If not there is something wrong with your firefox. Firefox wouldn't import a malformed certificate. CA subject DN can be fund using admin GUI.
You should rather lookup the SuperAdmin cert and view the path there.
I just tested the certificate using google chrome, i still get "null1" for root CA name.
please check the superadmin cert which you use for logging in to EBCA
How do I check it and what am i looking for - please give me details. I am still new in PKI/EJBCA.
Could yóu begin with just looking up the certificate firefox?
Tools-Options-Advanced-Encryption-View Certificates-Your certificates
There you will see at least one EJBCA root in clear using the View command
I have re-installed jboss/ejbca, and installed the superadmin.p12 in the browser. I get the error " Connection is Untursted" when login to the admin GUI. Did i miss any step? Why is the EJBCA rejecting the superadmin.12 certificate?
It sounds to me that it is Firefox that complains. You need to edit trust in Tools-Options-Advanced-Encryption-View Certificates-Authorities for the EJBCA CA.
BTW, did you fixed the "null" CA?
I am still getting the same message even after making the RootCA trusted in firefox. I have also tested on Internet Explorer, there i get a message to " Grant or Deny Application permission to use this key"
I did not manage to fix the "null" CA error - thats why i decided to re-install. I think the problem was that i created a new CA and used it to issue admin keys and deleted the initial CA.
if you accept the complaint by Firefox can you login?
For Internet Explorer, say grant and see what happens.
Yes, I do manage to login with Firefox after "Adding and Confirming Security Exception"
After clicking Grant on Internet Explorer it takes me to the next page, with the error " There is a problem with this website Security Certificate" - then after clicking " continue to this website" - I manage to login.
If you had edited trust with authenticating server you should not have had to set a security exception.
but it's nice that it is working!
I managed to solve the null1 CAName - the problem was caused by a wrong subject DN.