Firstly, thanks for a great app, which greatly simplifies what is otherwise a painful job.
However I have encountered a problem with firefox 3. It seems that firefox 3 won't accept the default self-signed server certificates generated by XCA. I raised this on bugzilla.mozilla.org as bug no. 424077. The firefox security maintainers argue that such a certificate still needs to be set up as also a a CA certificate, and needs to permit certificate signing (neither of which the default created by XCA does). I don't know the standards well enough to comment on which is the right way to handle this issue, but in the long run it will be highly desirable for XCA to be compatible with FF3 - either through a change to the XCA default self-signed server certificate, or through a change to FF3 policy.
Log in to post a comment.