Results 1 to 5 of 5

Thread: FAQ: Which browser can be used to signup for a Code Signing certificate?

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1

    Default FAQ: Which browser can be used to signup for a Code Signing certificate?

    FAQ: Which browser can be used to signup for a Code Signing certificate?

    SUMMARY

    The private key for a Comodo code-signing certificate is generated by the
    browser during certificate enrollment. When the "Submit" button is pressed,
    a key pair of the selected size is generated. The private key is encrypted
    and stored in the local key database.

    Comodo recommends using Internet Explorer 8+ on Windows and Safari on Mac
    for certificate enrollment as it is both easy to apply and convenient for
    the user.

    1. Microsoft Internet Explorer: IE uses the CertEnroll/XEnroll ActiveX
    control to generate and install certificates through the browser.

    2. Microsoft Edge: Neither the <keygen> nor the CertEnroll/XEnroll ActiveX
    controls are present in Microsoft's new Edge browser. DON'T USE IT!

    3. Mozilla Firefox: This browser supports key generation and certificate
    installation by default through the <keygen> function and special
    certificate file type handling.

    Note: While Firefox supports in-browser certificate installation, it uses
    its own keystore to store the certificate and is not shared with other
    applications. Installing through Internet Explorer will install the
    certificate to the Windows Certificate Manager which is used by other
    applications such as Microsoft Office, Outlook, and Google Chrome. For this
    reason, Internet Explorer is recommended.

    4. Google Chrome: As of Chrome 49, the <keygen> function has been disabled
    by default and digital certificate file types are downloaded instead of
    installed. While the keygen function can manually be enabled, the custom
    filetype handling is still removed, therefore installation through Google
    Chrome is not supported.

    ADDITIONAL INFORMATION

    Note: From Chromium Version 49, "Key Generation" feature is no longer
    supported. Please DO NOT use any Chromium based browser for S/MIME
    certificate enrollment. Some examples of Chromium Based browsers are,
    Google Chrome, Yandex Browser, Opera.

    --
    Friedrich Linder
    Lindersoft | SetupBuilder | www.lindersoft.com
    954.252.3910 (within US) | +1.954.252.3910 (outside US)

    --SetupBuilder "point. click. ship"
    --Helping You Build Better Installations
    --Create Windows 10 ready installations in minutes
    --Official COMODO Code Signing and SSL Certificate Partner
    Last edited by linder; 12-20-2016 at 02:29 AM.

  2. #2

    Default Re: FAQ: Which browser can be used to signup for a Code Signing certificate?

    Note: on Windows 10, the default browser is Edge. Neither the <keygen> nor
    the CertEnroll/XEnroll ActiveX controls are present in Microsoft's Edge
    browser. DON'T USE IT !!!

    To use Internet Explorer in Windows 10, just type Internet Explorer in the
    Cortana/Search box.

    Friedrich
    Attached Images Attached Images  

  3. #3

    Default Re: FAQ: Which browser can be used to signup for a Code Signing certificate?

    :-(

    It would have been nice to know about this trick. I would not have to
    have fired up an older machine.

    Question: Next time round - is it treated as a brand new request and I
    can use any machine for that new exercise? The private key used this
    time is not relevant any longer? Is that correct?

    Andre

  4. #4

    Default Re: FAQ: Which browser can be used to signup for a Code Signing certificate?


  5. #5

    Default Re: FAQ: Which browser can be used to signup for a Code Signing certificate?

    Hi Friedrich,

    > 3. Mozilla Firefox: This browser supports key generation and certificate
    > installation by default through the <keygen> function and special
    > certificate file type handling.
    >
    > Note: While Firefox supports in-browser certificate installation, it uses
    > its own keystore to store the certificate and is not shared with other
    > applications. Installing through Internet Explorer will install the
    > certificate to the Windows Certificate Manager which is used by other
    > applications such as Microsoft Office, Outlook, and Google Chrome. For this
    > reason, Internet Explorer is recommended.

    I used FF as the Comodo website popped up warnings about all the other
    browsers It worked fine, but the way to export the certificate was
    perfectly unintuitive

    Best regards,

    --
    Arnor Baldvinsson
    Icetips Alta LLC

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •