1. Install and run at least once Mozilla Firefox (current version 5)
2. Please download from your Android phone to the PC: - Mozilla Firefox:
/Android/data/org.mozilla.firefox/files/mozilla/.default/cert9.db
/Android/data/org.mozilla.firefox/files/mozilla/.default/key4.db
Thanks to JD:3. Move them to a MS Windows directory (Ex.: C:\keys )
He didn't have the mozilla dir with the cert9.db and key4.db files in it.
He got it to work by installing Firefox, then move it with App2SD (free in market) to my SD-card.
This way he received the folder /Android/data/org.mozilla.firefox/files/mozilla and also the folder '.default' where the 2 db-files were located.
After following the other step in this post and updating the 2 .db files (via pk12util.exe) He moved Firefox back from his SD-card to Local Storage and Things worked as they should be.
4. Download the package NSS_Tools_x86_from_NSS_3.12.7 Tools.zip and extract it into a directory (Ex.: c:\nss-3_12_7)
5. Run command prompt ( CMD.EXE ) and change the directory where you have extracted NSS_Tools_x86_from_NSS_3.12.7 Tools.zip(Ex.: "cd c:\nss-3_12_7")
6. Executhe the command:
pk12util.exe -i -d sql:
( Ex.: c:\nss-3_12_7>pk12util.exe -i c:\epay.p12 -d sql:C:\keys )
Enter password for PKCS12 file:
pk12util.exe: PKCS12 IMPORT SUCCESSFUL
If you have more client certificates - do the same command again.
Thanks to GG:7. Move the "cert9.db" and "key4.db" files back to your Android phone. If necessary fix the ownership and access rights.
Hi Ivo, We ran into this odd behaviour: When using the pk12util.exe, we got this question: "Enter a password which will be used to encrypt your keys. The password should be at least 8 characters long, and should contain at least one non-alphabetic character." As a mistake, we filled out our pkcs12 password here. You should skip this question by hitting enter twice. Then run the util again, and enter your pkcs12 password. on Client SSL Certificates with Android (2.3.3) OS on Samsung Galaxy S2
8. Restart Mozilla Firefox.
9. If you access a web site that needs client certificate authentication the browser will ask you to choose one of the imported client certificates and will you them
Nice post, going to give it a go later when i come back from work. Do all types of ssl certificates work, because my friend has had a lot of issues with so certs on is phone also do you think this might work on my internet tablet aswell?
ReplyDeleteHi Tim,
ReplyDeleteThanks for you comment!
I'm not sure what other types of certs you want to test, but the tool I've added to this post is for importing p12 client certs.
If your tablet is android based and you can get access to your internal / external memory than I'm pretty sure this will work. Things that could be different are paths were to find you firfox profile..
If you have tried it on your tablet, let me know if it worked out for you or maybe you had to do things differently.
Vo
Hi Vo,
ReplyDeleteThanks for this, it was very helpfull.
I got it to work by installing Firefox, then move it with App2SD (free in market) to my SD-card.
Only then the folder /Android/data/org.mozilla.firefox/files/mozilla was visible and also the folder '.default' where the 2 db-files were located.
After the 2 files were update (via pk12util.exe) I moved Firefox back from my SD-card to Local Storage and I was on my way :-)
Again, thnx! Hope my comment helps a bit.
Thanks for the tip! I will update this item with your findings.
ReplyDeleteHi Ivo,
ReplyDeleteWe ran into this odd behaviour:
When using the pk12util.exe, we got this question:
"Enter a password which will be used to encrypt your keys. The password should be at least 8 characters long, and should contain at least one non-alphabetic character."
As a mistake, we filled out our pkcs12 password here. You should skip this question by hitting enter twice. Then run the util again, and enter your pkcs12 password.