summaryrefslogtreecommitdiffstats
path: root/l10n-an/suite/chrome/common/help/certs_prefs_help.xhtml
blob: a6aae1b37673b01cb81e7a894b38683399715cea (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?xml version="1.0" encoding="UTF-8"?>
<!-- This Source Code Form is subject to the terms of the Mozilla Public
   - License, v. 2.0. If a copy of the MPL was not distributed with this
   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"[
  <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
  %brandDTD;
]>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Privacy &amp; Security Preferences - Certificates</title>
<link rel="stylesheet" href="helpFileLayout.css"
  type="text/css"/>
</head>
<body>

<h1 id="certificate_settings">Certificate Settings</h1>

<p>This section describes how to set your certificate preferences and how to
  use the Certificate Manager, Device Manager, and other dialog boxes related
  to certificates.</p>

<p>For step-by-step descriptions of various tasks related to certificates, see
  <a href="using_certs_help.xhtml">Using Certificates</a>.</p>

<div class="contentsBox">In this section:
  <ul>
    <li><a href="#privacy_and_security_preferences_certificates">Certificate 
      Preferences</a></li>
    <li><a href="certs_help.xhtml">Certificate Manager</a></li>
    <li><a href="certs_help.xhtml#device_manager">Device Manager</a></li>
    <li><a href="cert_dialog_help.xhtml">Certificate Information and
      Decisions</a></li>
  </ul>
</div>

<h2 id="privacy_and_security_preferences_certificates">Privacy &amp; Security
  Preferences - Certificates</h2>

<p>This section describes use the Certificates preferences panel. To view
  Certificates preferences, follow these steps:</p>

<ol>
  <li>Open the <span class="mac">&brandShortName;</span>
    <span class="noMac">Edit</span> menu and choose Preferences.</li>
  <li>Under the Privacy &amp; Security category, click Certificates. (If no
    subcategories are visible, double-click Privacy &amp; Security to expand
    the list.)</li>
</ol>

<h3 id="client_certificate_selection">Client Certificate Selection</h3>

<p>Some websites require you to identify yourself with a certificate. The
  option you select here determines how the browser identifies the certificate
  to present among those you may have on file:</p>

<ul>
  <li><strong>Select Automatically:</strong> Click this option if you want
    the browser to select a certificate without asking you.</li>
  <li><strong>Ask Every Time:</strong> Click this option if you want the browser
    to ask you which certificate to use each time a website requests one.</li>
</ul>

<h3 id="manage_certificates">Manage Certificates</h3>

<p>Certificates are the digital equivalent of ID cards&mdash;they help other
  people identify you, and they help you identify other people, websites, and
  organizations.</p>

<p>To examine or configure the certificates you have on file, click Manage
  Certificates. See <a href="using_certs_help.xhtml#managing_certificates">Managing
  Certificates</a> for further information on this dialog.</p>

<h3 id="manage_security_devices">Manage Security Devices</h3>

<p>A security device is a hardware or software device that stores your
  certificates and keys. For example, a smart card is a security device. Your
  browser has its own built-in software security device, and you can use
  additional security devices, such as smart cards, at the same time.</p>

<p>To examine or configure your security devices, click Manage Security
  Devices. See <a href="using_certs_help.xhtml#managing_smart_cards_and_other_security_devices">Managing
  Smart Cards and Other Security Devices</a> for further information on
  this dialog.</p>

<h3 id="ocsp">OCSP</h3>

<p>A certificate revocation list (CRL) is a list of revoked certificates that
  is generated and signed by a
  <a href="glossary.xhtml#certificate_authority">certificate authority
  (CA)</a>. The Online Certificate Status Protocol (OCSP) makes it possible for
  Certificate Manager to perform an online check of a certificate&apos;s
  validity each time the certificate is viewed or used. This process involves
  checking the certificate against a CRL maintained at a server specified by
  the CA of that certificate. Your computer must be online for OCSP to work.</p>

<p>The following settings in the OCSP section of the Certificates preferences
  panel determine how Certificate Manager uses OCSP:</p>

<ul>
  <li><strong>Use the Online Certificate Status Protocol (OCSP) to confirm the
    current validity of certificates</strong>: Select this if you want
    Certificate Manager to perform an online status check each time it verifies
    a certificate. Certificate Manager makes sure that the certificate is
    listed as valid at the URL and checks validity period and trust settings.

    <p><strong>Note</strong>: If this setting is not selected, Certificate
      Manager will only confirm the certificate&apos;s validity period and that
      it is correctly signed by a CA whose own CA certificate is both listed
      under the CA Certificates tab (in the main Certificate Manager window)
      and marked as trusted for issuing that kind of certificate.</p>
  </li>
  <li><strong>When an OCSP server connection fails, treat the certificate as
    invalid</strong>: Select this if you want the validation to fail if a
    connection to the OCSP server can&apos;t be established, thus enforcing
    that a certificate always must be positively validated for each use.</li>
</ul>

<p>For more detailed information on certificate validation, see
  <a href="using_certs_help.xhtml#controlling_validation">How Certificate
  Validation Works</a>.</p>

</body>
</html>