If you get a warning about a missing Mozilla profile, have a look at chapter 1.1.1 please. Now select Digital Signatures from the File Menu. Then one has to add opensc-pkcs11.so, which may be found under /usr/lib, in the device manager.Įdit the document you want to sign and save it. pcscd is a deamon, which is located in /etc/init.d.
With some readers/cards it is sufficient to install opensc and pcscd.
The device manager can be found in the options dialog under the Advanced tab page. In general, this will require to add a particular library (a pkcs11 module) in the device manager (security devices) in Firefox/Thunderbird.
If you use Linux, then follow the documentation about how to add smart card support to Firefox/Thunderbird.
Please read first the documentation of your reader and card and install all necessary software which comes with it. There are loads of different types of readers and smart cards. It is also necessary that the trust settings for the root certificates are set to trust the certificate to identify web sites and e-mail users. See Certificate Detection for how to set MOZILLA_CERTIFICATE_FOLDER correctly. In this case, locate the appropriate profile folder and set the Environment Variable MOZILLA_CERTIFICATE_FOLDER accordingly. In this case the Certificates are not shown in the digital signature dialog of the Office suite. This is especially useful to know as Debian and maybe Fedora Linux Installations seem to set the profile names in another way as suggested by the Mozilla developers. StarOffice / is looking for a certificate in the mentioned profiles according to the following search order :Ī.) The environment variable MOZILLA_CERTIFICATE_FOLDER If you install either Mozilla Firefox or Thunderbird, the Mozilla NSS services will likely be installed as part of these packages. A certificate (obtained from a Certificate Authority) To use your Certificate for digital signing of documents on Linux or Solaris we need some prerequisites : You have transferred your certificate into the Microsoft keystore of your Windows installation. travel to the location of the now exported file by using your preferred file manager and To import the Certificate into the Microsoft Cryptoengine, do the following: Follow the instructions given by Mozilla Find a place were you can save the file and name it
Select the Certificate to export and click on the button Backup To do so, just go to your settings dialog in Mozilla and choose : In case you've used Mozilla or Firefox, you have to export your certificate into a file from the Mozilla Certificate store and import it into the Microsoft keystore. On Windows the Microsoft Crypto API is used, therefore nothing has to be done if the Internet Explorer was used to get the Certificate. This certificate information needed by StarOffice / relies on the Crypto engine on the users system. (Please find additional details on this part on the Certificate Detection page.) Once installed, you should be able to view your certificate through a variety of means depending on your system. If you follow the process to get a certificate this will be installed into the keystore of your system. OpenOffice supports both the internal certificate store for some systems and the Network Security Service of Mozilla. In combination with a Freemail Account you can get a digital certificate for Germany at Web.de ( ).ġ.1 How to make a certificate useable for OpenOffice/ StarOffice Such companies are Globalsign ( ), Verisign ( ) and also Trustcenter and StartSSL. If you do not trust these companies or want a higher Class Certificate you need to pay some money and the company will validate your personal data to make sure that you are the one you say you are. If not you will not be able to sign documents any longer. After that you have to renew it if you like.
These companies offer such a certificate for free with an expiration time of one year. You can get one for free by various Security Providers, for Germany especially for people from Hamburg, you can get such a certificate from the Trustcenter ( ), other people may have a look at Comodo( ), StartSSL ( ) or CAcert ( ). First of all you need a valid digital certificate.