ryancdickson
commented
6 years ago This comment is correct - PIV issuer needs to be imported to allow authentication.
Assigning to self.
Closed bnordgren closed 6 years ago
ryancdickson
commented
6 years ago This comment is correct - PIV issuer needs to be imported to allow authentication.
Assigning to self.
clstmbrly
commented
6 years ago The Firefox Playbook has been updated to include this information. Published on 8/24/2018. Closing this issue.
Description of Issue:
Firefox page (https://github.com/GSA/piv-guides/blob/staging/_engineering/01_firefox.md) is missing the necessary step of importing all CA certs in the trust chain from the PIV to the root.
Details of Issue:
CA certificates need to be imported or Firefox won't use the PIV user certificate. Additionally, upon import, the certificate must be trusted to verify email senders.
To verify successful operation, the user should navigate to the "View Certificates" screen, click the personal certificates tab, click one of the certs on their piv card, and ensure that Firefox can validate the certificate.
References (Docs, Links, Files):
https://collab.firelab.org/software/projects/internet2/wiki/Configuring_Linux_to_use_LincPass_cards
If a New Page or Content is Needed, Expected Outcomes:
Page describes the production of a functional end-user system.
Link to the Content Page for Contributors:
https://github.com/GSA/piv-guides/blob/staging/_engineering/01_firefox.md