From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- .../manager/chrome/pipnss/nsserrors.properties | 331 +++++++++++++++++++++ .../manager/chrome/pipnss/pipnss.properties | 136 +++++++++ .../manager/chrome/pippki/pippki.properties | 75 +++++ .../manager/security/certificates/certManager.ftl | 228 ++++++++++++++ .../security/certificates/deviceManager.ftl | 133 +++++++++ .../security/manager/security/pippki/pippki.ftl | 106 +++++++ 6 files changed, 1009 insertions(+) create mode 100644 l10n-en-GB/security/manager/chrome/pipnss/nsserrors.properties create mode 100644 l10n-en-GB/security/manager/chrome/pipnss/pipnss.properties create mode 100644 l10n-en-GB/security/manager/chrome/pippki/pippki.properties create mode 100644 l10n-en-GB/security/manager/security/certificates/certManager.ftl create mode 100644 l10n-en-GB/security/manager/security/certificates/deviceManager.ftl create mode 100644 l10n-en-GB/security/manager/security/pippki/pippki.ftl (limited to 'l10n-en-GB/security') diff --git a/l10n-en-GB/security/manager/chrome/pipnss/nsserrors.properties b/l10n-en-GB/security/manager/chrome/pipnss/nsserrors.properties new file mode 100644 index 0000000000..84a6c85ea2 --- /dev/null +++ b/l10n-en-GB/security/manager/chrome/pipnss/nsserrors.properties @@ -0,0 +1,331 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SSL_ERROR_EXPORT_ONLY_SERVER=Unable to communicate securely. Peer does not support high-grade encryption. +SSL_ERROR_US_ONLY_SERVER=Unable to communicate securely. Peer requires high-grade encryption which is not supported. +SSL_ERROR_NO_CYPHER_OVERLAP=Cannot communicate securely with peer: no common encryption algorithm(s). +SSL_ERROR_NO_CERTIFICATE=Unable to find the certificate or key necessary for authentication. +SSL_ERROR_BAD_CERTIFICATE=Unable to communicate securely with peer: peers's certificate was rejected. +SSL_ERROR_BAD_CLIENT=The server has encountered bad data from the client. +SSL_ERROR_BAD_SERVER=The client has encountered bad data from the server. +SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE=Unsupported certificate type. +SSL_ERROR_UNSUPPORTED_VERSION=Peer using unsupported version of security protocol. +SSL_ERROR_WRONG_CERTIFICATE=Client authentication failed: private key in key database does not match public key in certificate database. +SSL_ERROR_BAD_CERT_DOMAIN=Unable to communicate securely with peer: requested domain name does not match the server's certificate. +SSL_ERROR_POST_WARNING=Unrecognised SSL error code. +SSL_ERROR_SSL2_DISABLED=Peer only supports SSL version 2, which is locally disabled. +SSL_ERROR_BAD_MAC_READ=SSL received a record with an incorrect Message Authentication Code. +SSL_ERROR_BAD_MAC_ALERT=SSL peer reports incorrect Message Authentication Code. +SSL_ERROR_BAD_CERT_ALERT=SSL peer cannot verify your certificate. +SSL_ERROR_REVOKED_CERT_ALERT=SSL peer rejected your certificate as revoked. +SSL_ERROR_EXPIRED_CERT_ALERT=SSL peer rejected your certificate as expired. +SSL_ERROR_SSL_DISABLED=Cannot connect: SSL is disabled. +SSL_ERROR_FORTEZZA_PQG=Cannot connect: SSL peer is in another FORTEZZA domain. +SSL_ERROR_UNKNOWN_CIPHER_SUITE=An unknown SSL cipher suite has been requested. +SSL_ERROR_NO_CIPHERS_SUPPORTED=No cipher suites are present and enabled in this program. +SSL_ERROR_BAD_BLOCK_PADDING=SSL received a record with bad block padding. +SSL_ERROR_RX_RECORD_TOO_LONG=SSL received a record that exceeded the maximum permissible length. +SSL_ERROR_TX_RECORD_TOO_LONG=SSL attempted to send a record that exceeded the maximum permissible length. +SSL_ERROR_RX_MALFORMED_HELLO_REQUEST=SSL received a malformed Hello Request handshake message. +SSL_ERROR_RX_MALFORMED_CLIENT_HELLO=SSL received a malformed Client Hello handshake message. +SSL_ERROR_RX_MALFORMED_SERVER_HELLO=SSL received a malformed Server Hello handshake message. +SSL_ERROR_RX_MALFORMED_CERTIFICATE=SSL received a malformed Certificate handshake message. +SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH=SSL received a malformed Server Key Exchange handshake message. +SSL_ERROR_RX_MALFORMED_CERT_REQUEST=SSL received a malformed Certificate Request handshake message. +SSL_ERROR_RX_MALFORMED_HELLO_DONE=SSL received a malformed Server Hello Done handshake message. +SSL_ERROR_RX_MALFORMED_CERT_VERIFY=SSL received a malformed Certificate Verify handshake message. +SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH=SSL received a malformed Client Key Exchange handshake message. +SSL_ERROR_RX_MALFORMED_FINISHED=SSL received a malformed Finished handshake message. +SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER=SSL received a malformed Change Cipher Spec record. +SSL_ERROR_RX_MALFORMED_ALERT=SSL received a malformed Alert record. +SSL_ERROR_RX_MALFORMED_HANDSHAKE=SSL received a malformed Handshake record. +SSL_ERROR_RX_MALFORMED_APPLICATION_DATA=SSL received a malformed Application Data record. +SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST=SSL received an unexpected Hello Request handshake message. +SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO=SSL received an unexpected Client Hello handshake message. +SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO=SSL received an unexpected Server Hello handshake message. +SSL_ERROR_RX_UNEXPECTED_CERTIFICATE=SSL received an unexpected Certificate handshake message. +SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH=SSL received an unexpected Server Key Exchange handshake message. +SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST=SSL received an unexpected Certificate Request handshake message. +SSL_ERROR_RX_UNEXPECTED_HELLO_DONE=SSL received an unexpected Server Hello Done handshake message. +SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY=SSL received an unexpected Certificate Verify handshake message. +SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH=SSL received an unexpected Client Key Exchange handshake message. +SSL_ERROR_RX_UNEXPECTED_FINISHED=SSL received an unexpected Finished handshake message. +SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER=SSL received an unexpected Change Cipher Spec record. +SSL_ERROR_RX_UNEXPECTED_ALERT=SSL received an unexpected Alert record. +SSL_ERROR_RX_UNEXPECTED_HANDSHAKE=SSL received an unexpected Handshake record. +SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA=SSL received an unexpected Application Data record. +SSL_ERROR_RX_UNKNOWN_RECORD_TYPE=SSL received a record with an unknown content type. +SSL_ERROR_RX_UNKNOWN_HANDSHAKE=SSL received a handshake message with an unknown message type. +SSL_ERROR_RX_UNKNOWN_ALERT=SSL received an alert record with an unknown alert description. +SSL_ERROR_CLOSE_NOTIFY_ALERT=SSL peer has closed this connection. +SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT=SSL peer was not expecting a handshake message it received. +SSL_ERROR_DECOMPRESSION_FAILURE_ALERT=SSL peer was unable to successfully decompress an SSL record it received. +SSL_ERROR_HANDSHAKE_FAILURE_ALERT=SSL peer was unable to negotiate an acceptable set of security parameters. +SSL_ERROR_ILLEGAL_PARAMETER_ALERT=SSL peer rejected a handshake message for unacceptable content. +SSL_ERROR_UNSUPPORTED_CERT_ALERT=SSL peer does not support certificates of the type it received. +SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT=SSL peer had some unspecified issue with the certificate it received. +SSL_ERROR_GENERATE_RANDOM_FAILURE=SSL experienced a failure of its random number generator. +SSL_ERROR_SIGN_HASHES_FAILURE=Unable to digitally sign data required to verify your certificate. +SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE=SSL was unable to extract the public key from the peer's certificate. +SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE=Unspecified failure while processing SSL Server Key Exchange handshake. +SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE=Unspecified failure while processing SSL Client Key Exchange handshake. +SSL_ERROR_ENCRYPTION_FAILURE=Bulk data encryption algorithm failed in selected cipher suite. +SSL_ERROR_DECRYPTION_FAILURE=Bulk data decryption algorithm failed in selected cipher suite. +SSL_ERROR_SOCKET_WRITE_FAILURE=Attempt to write encrypted data to underlying socket failed. +SSL_ERROR_MD5_DIGEST_FAILURE=MD5 digest function failed. +SSL_ERROR_SHA_DIGEST_FAILURE=SHA-1 digest function failed. +SSL_ERROR_MAC_COMPUTATION_FAILURE=MAC computation failed. +SSL_ERROR_SYM_KEY_CONTEXT_FAILURE=Failure to create Symmetric Key context. +SSL_ERROR_SYM_KEY_UNWRAP_FAILURE=Failure to unwrap the Symmetric key in Client Key Exchange message. +SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED=SSL Server attempted to use domestic-grade public key with export cipher suite. +SSL_ERROR_IV_PARAM_FAILURE=PKCS11 code failed to translate an IV into a param. +SSL_ERROR_INIT_CIPHER_SUITE_FAILURE=Failed to initialise the selected cipher suite. +SSL_ERROR_SESSION_KEY_GEN_FAILURE=Client failed to generate session keys for SSL session. +SSL_ERROR_NO_SERVER_KEY_FOR_ALG=Server has no key for the attempted key exchange algorithm. +SSL_ERROR_TOKEN_INSERTION_REMOVAL=PKCS#11 token was inserted or removed while operation was in progress. +SSL_ERROR_TOKEN_SLOT_NOT_FOUND=No PKCS#11 token could be found to do a required operation. +SSL_ERROR_NO_COMPRESSION_OVERLAP=Cannot communicate securely with peer: no common compression algorithm(s). +SSL_ERROR_HANDSHAKE_NOT_COMPLETED=Cannot initiate another SSL handshake until current handshake is complete. +SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE=Received incorrect handshakes hash values from peer. +SSL_ERROR_CERT_KEA_MISMATCH=The certificate provided cannot be used with the selected key exchange algorithm. +SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA=No certificate authority is trusted for SSL client authentication. +SSL_ERROR_SESSION_NOT_FOUND=Client's SSL session ID not found in server's session cache. +SSL_ERROR_DECRYPTION_FAILED_ALERT=Peer was unable to decrypt an SSL record it received. +SSL_ERROR_RECORD_OVERFLOW_ALERT=Peer received an SSL record that was longer than is permitted. +SSL_ERROR_UNKNOWN_CA_ALERT=Peer does not recognise and trust the CA that issued your certificate. +SSL_ERROR_ACCESS_DENIED_ALERT=Peer received a valid certificate, but access was denied. +SSL_ERROR_DECODE_ERROR_ALERT=Peer could not decode an SSL handshake message. +SSL_ERROR_DECRYPT_ERROR_ALERT=Peer reports failure of signature verification or key exchange. +SSL_ERROR_EXPORT_RESTRICTION_ALERT=Peer reports negotiation not in compliance with export regulations. +SSL_ERROR_PROTOCOL_VERSION_ALERT=Peer reports incompatible or unsupported protocol version. +SSL_ERROR_INSUFFICIENT_SECURITY_ALERT=Server requires ciphers more secure than those supported by client. +SSL_ERROR_INTERNAL_ERROR_ALERT=Peer reports it experienced an internal error. +SSL_ERROR_USER_CANCELED_ALERT=Peer user cancelled handshake. +SSL_ERROR_NO_RENEGOTIATION_ALERT=Peer does not permit renegotiation of SSL security parameters. +SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED=SSL server cache not configured and not disabled for this socket. +SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT=SSL peer does not support requested TLS hello extension. +SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT=SSL peer could not obtain your certificate from the supplied URL. +SSL_ERROR_UNRECOGNIZED_NAME_ALERT=SSL peer has no certificate for the requested DNS name. +SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT=SSL peer was unable to get an OCSP response for its certificate. +SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT=SSL peer reported bad certificate hash value. +SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET=SSL received an unexpected New Session Ticket handshake message. +SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET=SSL received a malformed New Session Ticket handshake message. +SSL_ERROR_DECOMPRESSION_FAILURE=SSL received a compressed record that could not be decompressed. +SSL_ERROR_RENEGOTIATION_NOT_ALLOWED=Renegotiation is not allowed on this SSL socket. +SSL_ERROR_UNSAFE_NEGOTIATION=Peer attempted old style (potentially vulnerable) handshake. +SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD=SSL received an unexpected uncompressed record. +SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY=SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. +SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID=SSL received invalid NPN extension data. +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2=SSL feature not supported for SSL 2.0 connections. +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS=SSL feature not supported for servers. +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS=SSL feature not supported for clients. +SSL_ERROR_INVALID_VERSION_RANGE=SSL version range is not valid. +SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION=SSL peer selected a cipher suite disallowed for the selected protocol version. +SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST=SSL received a malformed Hello Verify Request handshake message. +SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST=SSL received an unexpected Hello Verify Request handshake message. +SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION=SSL feature not supported for the protocol version. +SSL_ERROR_RX_UNEXPECTED_CERT_STATUS=SSL received an unexpected Certificate Status handshake message. +SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM=Unsupported hash algorithm used by TLS peer. +SSL_ERROR_DIGEST_FAILURE=Digest function failed. +SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM=Incorrect signature algorithm specified in a digitally-signed element. +SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK=The next protocol negotiation extension was enabled, but the callback was cleared prior to being needed. +SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL=The server supports no protocols that the client advertises in the ALPN extension. +SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT=The server rejected the handshake because the client downgraded to a lower TLS version than the server supports. +SSL_ERROR_WEAK_SERVER_CERT_KEY=The server certificate included a public key that was too weak. +SSL_ERROR_RX_SHORT_DTLS_READ=Not enough room in buffer for DTLS record. +SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM=No supported TLS signature algorithm was configured. +SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM=The peer used an unsupported combination of signature and hash algorithm. +SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET=The peer tried to resume without a correct extended_master_secret extension. +SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET=The peer tried to resume with an unexpected extended_master_secret extension. +SEC_ERROR_IO=An I/O error occurred during security authorisation. +SEC_ERROR_LIBRARY_FAILURE=security library failure. +SEC_ERROR_BAD_DATA=security library: received bad data. +SEC_ERROR_OUTPUT_LEN=security library: output length error. +SEC_ERROR_INPUT_LEN=security library has experienced an input length error. +SEC_ERROR_INVALID_ARGS=security library: invalid arguments. +SEC_ERROR_INVALID_ALGORITHM=security library: invalid algorithm. +SEC_ERROR_INVALID_AVA=security library: invalid AVA. +SEC_ERROR_INVALID_TIME=Improperly formatted time string. +SEC_ERROR_BAD_DER=security library: improperly formatted DER-encoded message. +SEC_ERROR_BAD_SIGNATURE=Peer's certificate has an invalid signature. +SEC_ERROR_EXPIRED_CERTIFICATE=Peer's Certificate has expired. +SEC_ERROR_REVOKED_CERTIFICATE=Peer's Certificate has been revoked. +SEC_ERROR_UNKNOWN_ISSUER=Peer's Certificate issuer is not recognised. +SEC_ERROR_BAD_KEY=Peer's public key is invalid. +SEC_ERROR_BAD_PASSWORD=The security password entered is incorrect. +SEC_ERROR_RETRY_PASSWORD=New password entered incorrectly. Please try again. +SEC_ERROR_NO_NODELOCK=security library: no nodelock. +SEC_ERROR_BAD_DATABASE=security library: bad database. +SEC_ERROR_NO_MEMORY=security library: memory allocation failure. +SEC_ERROR_UNTRUSTED_ISSUER=Peer's certificate issuer has been marked as not trusted by the user. +SEC_ERROR_UNTRUSTED_CERT=Peer's certificate has been marked as not trusted by the user. +SEC_ERROR_DUPLICATE_CERT=Certificate already exists in your database. +SEC_ERROR_DUPLICATE_CERT_NAME=Downloaded certificate's name duplicates one already in your database. +SEC_ERROR_ADDING_CERT=Error adding certificate to database. +SEC_ERROR_FILING_KEY=Error refiling the key for this certificate. +SEC_ERROR_NO_KEY=The private key for this certificate cannot be found in key database +SEC_ERROR_CERT_VALID=This certificate is valid. +SEC_ERROR_CERT_NOT_VALID=This certificate is not valid. +SEC_ERROR_CERT_NO_RESPONSE=Cert Library: No Response +SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE=The certificate issuer's certificate has expired. Check your system date and time. +SEC_ERROR_CRL_EXPIRED=The CRL for the certificate's issuer has expired. Update it or check your system date and time. +SEC_ERROR_CRL_BAD_SIGNATURE=The CRL for the certificate's issuer has an invalid signature. +SEC_ERROR_CRL_INVALID=New CRL has an invalid format. +SEC_ERROR_EXTENSION_VALUE_INVALID=Certificate extension value is invalid. +SEC_ERROR_EXTENSION_NOT_FOUND=Certificate extension not found. +SEC_ERROR_CA_CERT_INVALID=Issuer certificate is invalid. +SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID=Certificate path length constraint is invalid. +SEC_ERROR_CERT_USAGES_INVALID=Certificate usages field is invalid. +SEC_INTERNAL_ONLY=**Internal ONLY module** +SEC_ERROR_INVALID_KEY=The key does not support the requested operation. +SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION=Certificate contains unknown critical extension. +SEC_ERROR_OLD_CRL=New CRL is not later than the current one. +SEC_ERROR_NO_EMAIL_CERT=Not encrypted or signed: you do not yet have an email certificate. +SEC_ERROR_NO_RECIPIENT_CERTS_QUERY=Not encrypted: you do not have certificates for each of the recipients. +SEC_ERROR_NOT_A_RECIPIENT=Cannot decrypt: you are not a recipient, or matching certificate and private key not found. +SEC_ERROR_PKCS7_KEYALG_MISMATCH=Cannot decrypt: key encryption algorithm does not match your certificate. +SEC_ERROR_PKCS7_BAD_SIGNATURE=Signature verification failed: no signer found, too many signers found, or improper or corrupted data. +SEC_ERROR_UNSUPPORTED_KEYALG=Unsupported or unknown key algorithm. +SEC_ERROR_DECRYPTION_DISALLOWED=Cannot decrypt: encrypted using a disallowed algorithm or key size. +XP_SEC_FORTEZZA_BAD_CARD=Fortezza card has not been properly initialised. Please remove it and return it to your issuer. +XP_SEC_FORTEZZA_NO_CARD=No Fortezza cards Found +XP_SEC_FORTEZZA_NONE_SELECTED=No Fortezza card selected +XP_SEC_FORTEZZA_MORE_INFO=Please select a personality to get more info on +XP_SEC_FORTEZZA_PERSON_NOT_FOUND=Personality not found +XP_SEC_FORTEZZA_NO_MORE_INFO=No more information on that Personality +XP_SEC_FORTEZZA_BAD_PIN=Invalid Pin +XP_SEC_FORTEZZA_PERSON_ERROR=Couldn't initialise Fortezza personalities. +SEC_ERROR_NO_KRL=No KRL for this site's certificate has been found. +SEC_ERROR_KRL_EXPIRED=The KRL for this site's certificate has expired. +SEC_ERROR_KRL_BAD_SIGNATURE=The KRL for this site's certificate has an invalid signature. +SEC_ERROR_REVOKED_KEY=The key for this site's certificate has been revoked. +SEC_ERROR_KRL_INVALID=New KRL has an invalid format. +SEC_ERROR_NEED_RANDOM=security library: need random data. +SEC_ERROR_NO_MODULE=security library: no security module can perform the requested operation. +SEC_ERROR_NO_TOKEN=The security card or token does not exist, needs to be initialised, or has been removed. +SEC_ERROR_READ_ONLY=security library: read-only database. +SEC_ERROR_NO_SLOT_SELECTED=No slot or token was selected. +SEC_ERROR_CERT_NICKNAME_COLLISION=A certificate with the same nickname already exists. +SEC_ERROR_KEY_NICKNAME_COLLISION=A key with the same nickname already exists. +SEC_ERROR_SAFE_NOT_CREATED=error while creating safe object +SEC_ERROR_BAGGAGE_NOT_CREATED=error while creating baggage object +XP_JAVA_REMOVE_PRINCIPAL_ERROR=Couldn't remove the principal +XP_JAVA_DELETE_PRIVILEGE_ERROR=Couldn't delete the privilege +XP_JAVA_CERT_NOT_EXISTS_ERROR=This principal doesn't have a certificate +SEC_ERROR_BAD_EXPORT_ALGORITHM=Required algorithm is not allowed. +SEC_ERROR_EXPORTING_CERTIFICATES=Error attempting to export certificates. +SEC_ERROR_IMPORTING_CERTIFICATES=Error attempting to import certificates. +SEC_ERROR_PKCS12_DECODING_PFX=Unable to import. Decoding error. File not valid. +SEC_ERROR_PKCS12_INVALID_MAC=Unable to import. Invalid MAC. Incorrect password or corrupt file. +SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM=Unable to import. MAC algorithm not supported. +SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE=Unable to import. Only password integrity and privacy modes supported. +SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE=Unable to import. File structure is corrupt. +SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM=Unable to import. Encryption algorithm not supported. +SEC_ERROR_PKCS12_UNSUPPORTED_VERSION=Unable to import. File version not supported. +SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT=Unable to import. Incorrect privacy password. +SEC_ERROR_PKCS12_CERT_COLLISION=Unable to import. Same nickname already exists in database. +SEC_ERROR_USER_CANCELLED=The user pressed cancel. +SEC_ERROR_PKCS12_DUPLICATE_DATA=Not imported, already in database. +SEC_ERROR_MESSAGE_SEND_ABORTED=Message not sent. +SEC_ERROR_INADEQUATE_KEY_USAGE=Certificate key usage inadequate for attempted operation. +SEC_ERROR_INADEQUATE_CERT_TYPE=Certificate type not approved for application. +SEC_ERROR_CERT_ADDR_MISMATCH=Address in signing certificate does not match address in message headers. +SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY=Unable to import. Error attempting to import private key. +SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN=Unable to import. Error attempting to import certificate chain. +SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME=Unable to export. Unable to locate certificate or key by nickname. +SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY=Unable to export. Private Key could not be located and exported. +SEC_ERROR_PKCS12_UNABLE_TO_WRITE=Unable to export. Unable to write the export file. +SEC_ERROR_PKCS12_UNABLE_TO_READ=Unable to import. Unable to read the import file. +SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED=Unable to export. Key database corrupt or deleted. +SEC_ERROR_KEYGEN_FAIL=Unable to generate public/private key pair. +SEC_ERROR_INVALID_PASSWORD=Password entered is invalid. Please pick a different one. +SEC_ERROR_RETRY_OLD_PASSWORD=Old password entered incorrectly. Please try again. +SEC_ERROR_BAD_NICKNAME=Certificate nickname already in use. +SEC_ERROR_NOT_FORTEZZA_ISSUER=Peer FORTEZZA chain has a non-FORTEZZA Certificate. +SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY=A sensitive key cannot be moved to the slot where it is needed. +SEC_ERROR_JS_INVALID_MODULE_NAME=Invalid module name. +SEC_ERROR_JS_INVALID_DLL=Invalid module path/filename +SEC_ERROR_JS_ADD_MOD_FAILURE=Unable to add module +SEC_ERROR_JS_DEL_MOD_FAILURE=Unable to delete module +SEC_ERROR_OLD_KRL=New KRL is not later than the current one. +SEC_ERROR_CKL_CONFLICT=New CKL has different issuer than current CKL. Delete current CKL. +SEC_ERROR_CERT_NOT_IN_NAME_SPACE=The Certifying Authority for this certificate is not permitted to issue a certificate with this name. +SEC_ERROR_KRL_NOT_YET_VALID=The key revocation list for this certificate is not yet valid. +SEC_ERROR_CRL_NOT_YET_VALID=The certificate revocation list for this certificate is not yet valid. +SEC_ERROR_UNKNOWN_CERT=The requested certificate could not be found. +SEC_ERROR_UNKNOWN_SIGNER=The signer's certificate could not be found. +SEC_ERROR_CERT_BAD_ACCESS_LOCATION=The location for the certificate status server has invalid format. +SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE=The OCSP response cannot be fully decoded; it is of an unknown type. +SEC_ERROR_OCSP_BAD_HTTP_RESPONSE=The OCSP server returned unexpected/invalid HTTP data. +SEC_ERROR_OCSP_MALFORMED_REQUEST=The OCSP server found the request to be corrupted or improperly formed. +SEC_ERROR_OCSP_SERVER_ERROR=The OCSP server experienced an internal error. +SEC_ERROR_OCSP_TRY_SERVER_LATER=The OCSP server suggests trying again later. +SEC_ERROR_OCSP_REQUEST_NEEDS_SIG=The OCSP server requires a signature on this request. +SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST=The OCSP server has refused this request as unauthorised. +SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS=The OCSP server returned an unrecognisable status. +SEC_ERROR_OCSP_UNKNOWN_CERT=The OCSP server has no status for the certificate. +SEC_ERROR_OCSP_NOT_ENABLED=You must enable OCSP before performing this operation. +SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER=You must set the OCSP default responder before performing this operation. +SEC_ERROR_OCSP_MALFORMED_RESPONSE=The response from the OCSP server was corrupted or improperly formed. +SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE=The signer of the OCSP response is not authorised to give status for this certificate. +SEC_ERROR_OCSP_FUTURE_RESPONSE=The OCSP response is not yet valid (contains a date in the future). +SEC_ERROR_OCSP_OLD_RESPONSE=The OCSP response contains out-of-date information. +SEC_ERROR_DIGEST_NOT_FOUND=The CMS or PKCS #7 Digest was not found in signed message. +SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE=The CMS or PKCS #7 Message type is unsupported. +SEC_ERROR_MODULE_STUCK=PKCS #11 module could not be removed because it is still in use. +SEC_ERROR_BAD_TEMPLATE=Could not decode ASN.1 data. Specified template was invalid. +SEC_ERROR_CRL_NOT_FOUND=No matching CRL was found. +SEC_ERROR_REUSED_ISSUER_AND_SERIAL=You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert. +SEC_ERROR_BUSY=NSS could not shutdown. Objects are still in use. +SEC_ERROR_EXTRA_INPUT=DER-encoded message contained extra unused data. +SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE=Unsupported elliptic curve. +SEC_ERROR_UNSUPPORTED_EC_POINT_FORM=Unsupported elliptic curve point form. +SEC_ERROR_UNRECOGNIZED_OID=Unrecognised Object Identifier. +SEC_ERROR_OCSP_INVALID_SIGNING_CERT=Invalid OCSP signing certificate in OCSP response. +SEC_ERROR_REVOKED_CERTIFICATE_CRL=Certificate is revoked in issuer's certificate revocation list. +SEC_ERROR_REVOKED_CERTIFICATE_OCSP=Issuer's OCSP responder reports certificate is revoked. +SEC_ERROR_CRL_INVALID_VERSION=Issuer's Certificate Revocation List has an unknown version number. +SEC_ERROR_CRL_V1_CRITICAL_EXTENSION=Issuer's V1 Certificate Revocation List has a critical extension. +SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION=Issuer's V2 Certificate Revocation List has an unknown critical extension. +SEC_ERROR_UNKNOWN_OBJECT_TYPE=Unknown object type specified. +SEC_ERROR_INCOMPATIBLE_PKCS11=PKCS #11 driver violates the spec in an incompatible way. +SEC_ERROR_NO_EVENT=No new slot event is available at this time. +SEC_ERROR_CRL_ALREADY_EXISTS=CRL already exists. +SEC_ERROR_NOT_INITIALIZED=NSS is not initialised. +SEC_ERROR_TOKEN_NOT_LOGGED_IN=The operation failed because the PKCS#11 token is not logged in. +SEC_ERROR_OCSP_RESPONDER_CERT_INVALID=Configured OCSP responder's certificate is invalid. +SEC_ERROR_OCSP_BAD_SIGNATURE=OCSP response has an invalid signature. +SEC_ERROR_OUT_OF_SEARCH_LIMITS=Certificate validation search is out of search limits +SEC_ERROR_INVALID_POLICY_MAPPING=Policy mapping contains anypolicy +SEC_ERROR_POLICY_VALIDATION_FAILED=Certificate chain fails policy validation +SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE=Unknown location type in cert AIA extension +SEC_ERROR_BAD_HTTP_RESPONSE=Server returned bad HTTP response +SEC_ERROR_BAD_LDAP_RESPONSE=Server returned bad LDAP response +SEC_ERROR_FAILED_TO_ENCODE_DATA=Failed to encode data with ASN1 encoder +SEC_ERROR_BAD_INFO_ACCESS_LOCATION=Bad information access location in certificate extension +SEC_ERROR_LIBPKIX_INTERNAL=Libpkix internal error occured during certificate validation. +SEC_ERROR_PKCS11_GENERAL_ERROR=A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred. +SEC_ERROR_PKCS11_FUNCTION_FAILED=A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed. +SEC_ERROR_PKCS11_DEVICE_ERROR=A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot. +SEC_ERROR_BAD_INFO_ACCESS_METHOD=Unknown information access method in certificate extension. +SEC_ERROR_CRL_IMPORT_FAILED=Error attempting to import a CRL. +SEC_ERROR_EXPIRED_PASSWORD=The password expired. +SEC_ERROR_LOCKED_PASSWORD=The password is locked. +SEC_ERROR_UNKNOWN_PKCS11_ERROR=Unknown PKCS #11 error. +SEC_ERROR_BAD_CRL_DP_URL=Invalid or unsupported URL in CRL distribution point name. +SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED=The certificate was signed using an signature algorithm that is disabled because it is not secure. +MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE=The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden. +MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY=The server uses a certificate with a basic constraints extension identifying it as a certificate authority. For a properly-issued certificate, this should not be the case. +MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE=The server presented a certificate with a key size that is too small to establish a secure connection. +MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA=An X.509 version 1 certificate that is not a trust anchor was used to issue the server's certificate. X.509 version 1 certificates are deprecated and should not be used to sign other certificates. +MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE=The server presented a certificate that is not yet valid. +MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE=A certificate that is not yet valid was used to issue the server's certificate. +MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH=The signature algorithm in the signature field of the certificate does not match the algorithm in its signatureAlgorithm field. +MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING=The OCSP response does not include a status for the certificate being verified. +MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG=The server presented a certificate that is valid for too long. +MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING=A required TLS feature is missing. +MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING=The server presented a certificate that contains an invalid encoding of an integer. Common causes include negative serial numbers, negative RSA moduli, and encodings that are longer than necessary. +MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME=The server presented a certificate with an empty issuer distinguished name. +MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED=An additional policy constraint failed when validating this certificate. +MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT=The certificate is not trusted because it is self-signed. diff --git a/l10n-en-GB/security/manager/chrome/pipnss/pipnss.properties b/l10n-en-GB/security/manager/chrome/pipnss/pipnss.properties new file mode 100644 index 0000000000..8953a410c3 --- /dev/null +++ b/l10n-en-GB/security/manager/chrome/pipnss/pipnss.properties @@ -0,0 +1,136 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +CertPasswordPrompt=Please enter the password for the PKCS#11 token %S. + +CertPasswordPromptDefault=Please enter your Primary Password. + +# The following strings have special requirements: they must fit in a 32 or 64 +# bytes buffer after being encoded to UTF-8. +# +# It's possible to verify the length of a translation using the Browser Console +# in Firefox and evaluating the following code: +# +# (new TextEncoder('utf-8').encode('YOURSTRING')).length +# +# Simply replace YOURSTRING with your translation. +# +# If it's not possible to produce an understandable translation within these +# limits, keeping the English text is an acceptable workaround. + +# The following strings have special requirements: they must fit in a 32 or 64 +# bytes buffer after being encoded to UTF-8. +# +# It's possible to verify the length of a translation using the Browser Console +# in Firefox and evaluating the following code: +# +# (new TextEncoder().encode('YOURSTRING')).length +# +# Simply replace YOURSTRING with your translation. +# +# If it's not possible to produce an understandable translation within these +# limits, keeping the English text is an acceptable workaround. + +# LOCALIZATION NOTE (RootCertModuleName): string limit is 64 bytes after +# conversion to UTF-8. +# length_limit = 64 bytes +RootCertModuleName=Builtin Roots Module +# LOCALIZATION NOTE (ManufacturerID): string limit is 32 bytes after conversion +# to UTF-8. +# length_limit = 32 bytes +ManufacturerID=Mozilla.org +# LOCALIZATION NOTE (LibraryDescription): string limit is 32 bytes after +# conversion to UTF-8. +# length_limit = 32 bytes +LibraryDescription=PSM Internal Crypto Services +# LOCALIZATION NOTE (TokenDescription): string limit is 32 bytes after +# conversion to UTF-8. +# length_limit = 32 bytes +TokenDescription=Generic Crypto Services +# LOCALIZATION NOTE (PrivateTokenDescription): string limit is 32 bytes after +# conversion to UTF-8. +# length_limit = 32 bytes +PrivateTokenDescription=Software Security Device +# LOCALIZATION NOTE (SlotDescription): string limit is 64 bytes after conversion +# to UTF-8. +# length_limit = 64 bytes +SlotDescription=PSM Internal Cryptographic Services +# LOCALIZATION NOTE (PrivateSlotDescription): string limit is 64 bytes after +# conversion to UTF-8. +# length_limit = 64 bytes +PrivateSlotDescription=PSM Private Keys +# LOCALIZATION NOTE (Fips140TokenDescription): string limit is 32 bytes after +# conversion to UTF-8. +# length_limit = 32 bytes +Fips140TokenDescription=Software Security Device (FIPS) +# LOCALIZATION NOTE (Fips140SlotDescription): string limit is 64 bytes after +# conversion to UTF-8. +# length_limit = 64 bytes +Fips140SlotDescription=FIPS 140 Cryptographic, Key and Certificate Services + +# LOCALIZATION NOTE (nick_template): $1s is the common name from a cert (e.g. "Mozilla"), $2s is the CA name (e.g. VeriSign) +nick_template=%1$s's %2$s ID + +CertDumpKUSign=Signing +CertDumpKUNonRep=Non-repudiation +CertDumpKUEnc=Key Encipherment +CertDumpKUDEnc=Data Encipherment +CertDumpKUKA=Key Agreement +CertDumpKUCertSign=Certificate Signer +CertDumpKUCRLSigner=CRL Signer + +PSMERR_SSL_Disabled=Can't connect securely because the SSL protocol has been disabled. +PSMERR_SSL2_Disabled=Can't connect securely because the site uses an older, insecure version of the SSL protocol. +PSMERR_HostReusedIssuerSerial=You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:\n\nYour certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. + +# LOCALIZATION NOTE (SSLConnectionErrorPrefix2): %1$S is the host string, %2$S is more detailed information (localized as well). +SSLConnectionErrorPrefix2=An error occurred during a connection to %1$S. %2$S\n + +certErrorIntro=%S uses an invalid security certificate. + +certErrorTrust_SelfSigned=The certificate is not trusted because it is self-signed. +certErrorTrust_UnknownIssuer=The certificate is not trusted because the issuer certificate is unknown. +certErrorTrust_UnknownIssuer2=The server might not be sending the appropriate intermediate certificates. +certErrorTrust_UnknownIssuer3=An additional root certificate may need to be imported. +certErrorTrust_CaInvalid=The certificate is not trusted because it was issued by an invalid CA certificate. +certErrorTrust_Issuer=The certificate is not trusted because the issuer certificate is not trusted. +certErrorTrust_SignatureAlgorithmDisabled=The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure. +certErrorTrust_ExpiredIssuer=The certificate is not trusted because the issuer certificate has expired. +certErrorTrust_Untrusted=The certificate does not come from a trusted source. +certErrorTrust_MitM=Your connection is being intercepted by a TLS proxy. Uninstall it if possible or configure your device to trust its root certificate. + +certErrorMismatch=The certificate is not valid for the name %S. +# LOCALIZATION NOTE (certErrorMismatchSinglePrefix): %S is replaced by the domain for which the certificate is valid +certErrorMismatchSinglePrefix=The certificate is only valid for %S. +certErrorMismatchMultiple=The certificate is only valid for the following names: + +# LOCALIZATION NOTE (certErrorExpiredNow): Do not translate %1$S (date+time of expired certificate) or %2$S (current date+time) +certErrorExpiredNow=The certificate expired on %1$S. The current time is %2$S. + +# LOCALIZATION NOTE (certErrorNotYetValidNow): Do not translate %1$S (date+time certificate will become valid) or %2$S (current date+time) +certErrorNotYetValidNow=The certificate will not be valid until %1$S. The current time is %2$S. + +certErrorMitM=Web sites prove their identity via certificates, which are issued by certificate authorities. +# LOCALIZATION NOTE (certErrorMitM2): %S is brandShortName +certErrorMitM2=%S is backed by the non-profit Mozilla, which administers a completely open certificate authority (CA) store. The CA store helps ensure that certificate authorities are following best practices for user security. +# LOCALIZATION NOTE (certErrorMitM3): %S is brandShortName +certErrorMitM3=%S uses the Mozilla CA store to verify that a connection is secure, rather than certificates supplied by the user’s operating system. So, if an antivirus program or a network is intercepting a connection with a security certificate issued by a CA that is not in the Mozilla CA store, the connection is considered unsafe. + +certErrorSymantecDistrustAdministrator=You may notify the web site’s administrator about this problem. + +# LOCALIZATION NOTE (certErrorCodePrefix3): %S is replaced by the error code. +certErrorCodePrefix3=Error code: %S + +P12DefaultNickname=Imported Certificate +CertUnknown=Unknown +CertNoEmailAddress=(no email address) +CaCertExists=This certificate is already installed as a certificate authority. +NotACACert=This is not a certificate authority certificate, so it can't be imported into the certificate authority list. +UserCertIgnoredNoPrivateKey=This personal certificate can't be installed because you do not own the corresponding private key which was created when the certificate was requested. +UserCertImported=Your personal certificate has been installed. You should keep a backup copy of this certificate. +CertOrgUnknown=(Unknown) +CertNotStored=(Not Stored) +CertExceptionPermanent=Permanent +CertExceptionTemporary=Temporary diff --git a/l10n-en-GB/security/manager/chrome/pippki/pippki.properties b/l10n-en-GB/security/manager/chrome/pippki/pippki.properties new file mode 100644 index 0000000000..9a79994ed8 --- /dev/null +++ b/l10n-en-GB/security/manager/chrome/pippki/pippki.properties @@ -0,0 +1,75 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# Download Cert dialog +# LOCALIZATION NOTE(newCAMessage1): +# %S is a string representative of the certificate being downloaded/imported. +newCAMessage1=Do you want to trust "%S" for the following purposes? +unnamedCA=Certificate Authority (unnamed) + +getPKCS12FilePasswordMessage=Please enter the password that was used to encrypt this certificate backup: + +# Client auth +clientAuthRemember=Remember this decision +# LOCALIZATION NOTE(clientAuthNickAndSerial): Represents a single cert when the +# user is choosing from a list of certificates. +# %1$S is the nickname of the cert. +# %2$S is the serial number of the cert in AA:BB:CC hex format. +clientAuthNickAndSerial=%1$S [%2$S] +# LOCALIZATION NOTE(clientAuthHostnameAndPort): +# %1$S is the hostname of the server. +# %2$S is the port of the server. +clientAuthHostnameAndPort=%1$S:%2$S +# LOCALIZATION NOTE(clientAuthMessage1): %S is the Organization of the server +# cert. +clientAuthMessage1=Organisation: "%S" +# LOCALIZATION NOTE(clientAuthMessage2): %S is the Organization of the issuer +# cert of the server cert. +clientAuthMessage2=Issued Under: "%S" +# LOCALIZATION NOTE(clientAuthIssuedTo): %1$S is the Distinguished Name of the +# currently selected client cert, such as "CN=John Doe,OU=Example" (without +# quotes). +clientAuthIssuedTo=Issued to: %1$S +# LOCALIZATION NOTE(clientAuthSerial): %1$S is the serial number of the selected +# cert in AA:BB:CC hex format. +clientAuthSerial=Serial number: %1$S +# LOCALIZATION NOTE(clientAuthValidityPeriod): +# %1$S is the already localized notBefore date of the selected cert. +# %2$S is the already localized notAfter date of the selected cert. +clientAuthValidityPeriod=Valid from %1$S to %2$S +# LOCALIZATION NOTE(clientAuthKeyUsages): %1$S is a comma separated list of +# already localized key usages the selected cert is valid for. +clientAuthKeyUsages=Key Usages: %1$S +# LOCALIZATION NOTE(clientAuthEmailAddresses): %1$S is a comma separated list of +# e-mail addresses the selected cert is valid for. +clientAuthEmailAddresses=Email addresses: %1$S +# LOCALIZATION NOTE(clientAuthIssuedBy): %1$S is the Distinguished Name of the +# cert which issued the selected cert. +clientAuthIssuedBy=Issued by: %1$S +# LOCALIZATION NOTE(clientAuthStoredOn): %1$S is the name of the PKCS #11 token +# the selected cert is stored on. +clientAuthStoredOn=Stored on: %1$S + +# Page Info +pageInfo_NoEncryption=Connection Not Encrypted +pageInfo_Privacy_None1=The web site %S does not support encryption for the page you are viewing. +pageInfo_Privacy_None2=Information sent over the Internet without encryption can be seen by other people while it is in transit. +pageInfo_Privacy_None4=The page you are viewing was not encrypted before being transmitted over the Internet. +# LOCALIZATION NOTE (pageInfo_EncryptionWithBitsAndProtocol and pageInfo_BrokenEncryption): +# %1$S is the name of the encryption standard, +# %2$S is the key size of the cipher. +# %3$S is protocol version like "SSL 3" or "TLS 1.2" +pageInfo_EncryptionWithBitsAndProtocol=Connection Encrypted (%1$S, %2$S bit keys, %3$S) +pageInfo_BrokenEncryption=Broken Encryption (%1$S, %2$S bit keys, %3$S) +pageInfo_Privacy_Encrypted1=The page you are viewing was encrypted before being transmitted over the Internet. +pageInfo_Privacy_Encrypted2=Encryption makes it difficult for unauthorised people to view information travelling between computers. It is therefore unlikely that anyone read this page as it travelled across the network. +pageInfo_MixedContent=Connection Partially Encrypted +pageInfo_MixedContent2=Parts of the page you are viewing were not encrypted before being transmitted over the Internet. +pageInfo_WeakCipher=Your connection to this web site uses weak encryption and is not private. Other people can view your information or modify the site's behaviour. +pageInfo_CertificateTransparency_Compliant=This web site complies with the Certificate Transparency policy. + +# Token Manager +password_not_set=(not set) +enable_fips=Enable FIPS + diff --git a/l10n-en-GB/security/manager/security/certificates/certManager.ftl b/l10n-en-GB/security/manager/security/certificates/certManager.ftl new file mode 100644 index 0000000000..3945de1f59 --- /dev/null +++ b/l10n-en-GB/security/manager/security/certificates/certManager.ftl @@ -0,0 +1,228 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +certmgr-title = + .title = Certificate Manager + +certmgr-tab-mine = + .label = Your Certificates + +certmgr-tab-remembered = + .label = Authentication Decisions + +certmgr-tab-people = + .label = People + +certmgr-tab-servers = + .label = Servers + +certmgr-tab-ca = + .label = Authorities + +certmgr-mine = You have certificates from these organisations that identify you +certmgr-remembered = These certificates are used to identify you to web sites +certmgr-people = You have certificates on file that identify these people +certmgr-server = These entries identify server certificate error exceptions +certmgr-ca = You have certificates on file that identify these certificate authorities + +certmgr-edit-ca-cert2 = + .title = Edit CA certificate trust settings + .style = min-width: 48em; + +certmgr-edit-cert-edit-trust = Edit trust settings: + +certmgr-edit-cert-trust-ssl = + .label = This certificate can identify web sites. + +certmgr-edit-cert-trust-email = + .label = This certificate can identify mail users. + +certmgr-delete-cert2 = + .title = Delete Certificate + .style = min-width: 48em; min-height: 24em; + +certmgr-cert-host = + .label = Host + +certmgr-cert-name = + .label = Certificate Name + +certmgr-cert-server = + .label = Server + +certmgr-token-name = + .label = Security Device + +certmgr-begins-label = + .label = Begins On + +certmgr-expires-label = + .label = Expires On + +certmgr-email = + .label = Email Address + +certmgr-serial = + .label = Serial Number + +certmgr-fingerprint-sha-256 = + .label = SHA-256 Fingerprint + +certmgr-view = + .label = View… + .accesskey = V + +certmgr-edit = + .label = Edit Trust… + .accesskey = E + +certmgr-export = + .label = Export… + .accesskey = x + +certmgr-delete = + .label = Delete… + .accesskey = D + +certmgr-delete-builtin = + .label = Delete or Distrust… + .accesskey = D + +certmgr-backup = + .label = Backup… + .accesskey = B + +certmgr-backup-all = + .label = Backup All… + .accesskey = k + +certmgr-restore = + .label = Import… + .accesskey = m + +certmgr-add-exception = + .label = Add Exception… + .accesskey = x + +exception-mgr = + .title = Add Security Exception + +exception-mgr-extra-button = + .label = Confirm Security Exception + .accesskey = C + +exception-mgr-supplemental-warning = Legitimate banks, stores, and other public sites will not ask you to do this. + +exception-mgr-cert-location-url = + .value = Location: + +exception-mgr-cert-location-download = + .label = Get Certificate + .accesskey = G + +exception-mgr-cert-status-view-cert = + .label = View… + .accesskey = V + +exception-mgr-permanent = + .label = Permanently store this exception + .accesskey = P + +pk11-bad-password = The password entered was incorrect. +pkcs12-decode-err = Failed to decode the file. Either it is not in PKCS #12 format, has been corrupted, or the password you entered was incorrect. +pkcs12-unknown-err-restore = Failed to restore the PKCS #12 file for unknown reasons. +pkcs12-unknown-err-backup = Failed to create the PKCS #12 backup file for unknown reasons. +pkcs12-unknown-err = The PKCS #12 operation failed for unknown reasons. +pkcs12-info-no-smartcard-backup = It is not possible to back up certificates from a hardware security device such as a smart card. +pkcs12-dup-data = The certificate and private key already exist on the security device. + +## PKCS#12 file dialogs + +choose-p12-backup-file-dialog = File Name to Backup +file-browse-pkcs12-spec = PKCS12 Files +choose-p12-restore-file-dialog = Certificate File to Import + +## Import certificate(s) file dialog + +file-browse-certificate-spec = Certificate Files +import-ca-certs-prompt = Select File containing CA certificate(s) to import +import-email-cert-prompt = Select File containing somebody's Email certificate to import + +## For editing certificates trust + +# Variables: +# $certName: the name of certificate +edit-trust-ca = The certificate "{ $certName }" represents a Certificate Authority. + +## For Deleting Certificates + +delete-user-cert-title = + .title = Delete your Certificates +delete-user-cert-confirm = Are you sure you want to delete these certificates? +delete-user-cert-impact = If you delete one of your own certificates, you can no longer use it to identify yourself. + + +delete-ssl-override-title = + .title = Delete Server Certificate Exception +delete-ssl-override-confirm = Are you sure you want to delete this server exception? +delete-ssl-override-impact = If you delete a server exception, you restore the usual security checks for that server and require it uses a valid certificate. + +delete-ca-cert-title = + .title = Delete or Distrust CA Certificates +delete-ca-cert-confirm = You have asked to delete these CA certificates. For built-in certificates all trust will be removed, which has the same effect. Are you sure you want to delete or distrust? +delete-ca-cert-impact = If you delete or distrust a certificate authority (CA) certificate, this application will no longer trust any certificates issued by that CA. + + +delete-email-cert-title = + .title = Delete Email Certificates +delete-email-cert-confirm = Are you sure you want to delete these people's email certificates? +delete-email-cert-impact = If you delete a person's email certificate, you will no longer be able to send encrypted email to that person. + +# Used for semi-uniquely representing a cert. +# +# Variables: +# $serialNumber : the serial number of the cert in AA:BB:CC hex format. +cert-with-serial = + .value = Certificate with serial number: { $serialNumber } + +# Used to indicate that the user chose not to send a client authentication certificate to a server that requested one in a TLS handshake. +send-no-client-certificate = Send no client certificate + +# Used when no cert is stored for an override +no-cert-stored-for-override = (Not Stored) + +# When a certificate is unavailable (for example, it has been deleted or the token it exists on has been removed). +certificate-not-available = (Unavailable) + +## Used to show whether an override is temporary or permanent + +permanent-override = Permanent +temporary-override = Temporary + +## Add Security Exception dialog + +add-exception-branded-warning = You are about to override how { -brand-short-name } identifies this site. +add-exception-invalid-header = This site attempts to identify itself with invalid information. +add-exception-domain-mismatch-short = Wrong Site +add-exception-domain-mismatch-long = The certificate belongs to a different site, which could mean that someone is trying to impersonate this site. +add-exception-expired-short = Outdated Information +add-exception-expired-long = The certificate is not currently valid. It may have been stolen or lost, and could be used by someone to impersonate this site. +add-exception-unverified-or-bad-signature-short = Unknown Identity +add-exception-unverified-or-bad-signature-long = The certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature. +add-exception-valid-short = Valid Certificate +add-exception-valid-long = This site provides valid, verified identification. There is no need to add an exception. +add-exception-checking-short = Checking Information +add-exception-checking-long = Attempting to identify this site… +add-exception-no-cert-short = No Information Available +add-exception-no-cert-long = Unable to obtain identification status for this site. + +## Certificate export "Save as" and error dialogs + +save-cert-as = Save Certificate To File +cert-format-base64 = X.509 Certificate (PEM) +cert-format-base64-chain = X.509 Certificate with chain (PEM) +cert-format-der = X.509 Certificate (DER) +cert-format-pkcs7 = X.509 Certificate (PKCS#7) +cert-format-pkcs7-chain = X.509 Certificate with chain (PKCS#7) +write-file-failure = File Error diff --git a/l10n-en-GB/security/manager/security/certificates/deviceManager.ftl b/l10n-en-GB/security/manager/security/certificates/deviceManager.ftl new file mode 100644 index 0000000000..a464fa2a58 --- /dev/null +++ b/l10n-en-GB/security/manager/security/certificates/deviceManager.ftl @@ -0,0 +1,133 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + + +## Strings used for device manager + +devmgr-window = + .title = Device Manager + .style = min-width: 67em; min-height: 32em; + +devmgr-devlist = + .label = Security Modules and Devices + +devmgr-header-details = + .label = Details + +devmgr-header-value = + .label = Value + +devmgr-button-login = + .label = Log In + .accesskey = n + +devmgr-button-logout = + .label = Log Out + .accesskey = O + +devmgr-button-changepw = + .label = Change Password + .accesskey = P + +devmgr-button-load = + .label = Load + .accesskey = L + +devmgr-button-unload = + .label = Unload + .accesskey = U + +devmgr-button-enable-fips = + .label = Enable FIPS + .accesskey = F + +devmgr-button-disable-fips = + .label = Disable FIPS + .accesskey = F + +## Strings used for load device + +load-device = + .title = Load PKCS#11 Device Driver + +load-device-info = Enter the information for the module you want to add. + +load-device-modname = + .value = Module Name + .accesskey = M + +load-device-modname-default = + .value = New PKCS#11 Module + +load-device-filename = + .value = Module filename + .accesskey = f + +load-device-browse = + .label = Browse… + .accesskey = B + +## Token Manager + +devinfo-status = + .label = Status + +devinfo-status-disabled = + .label = Disabled + +devinfo-status-not-present = + .label = Not Present + +devinfo-status-uninitialized = + .label = Uninitialised + +devinfo-status-not-logged-in = + .label = Not Logged In + +devinfo-status-logged-in = + .label = Logged In + +devinfo-status-ready = + .label = Ready + +devinfo-desc = + .label = Description + +devinfo-man-id = + .label = Manufacturer + +devinfo-hwversion = + .label = HW Version +devinfo-fwversion = + .label = FW Version + +devinfo-modname = + .label = Module + +devinfo-modpath = + .label = Path + +login-failed = Failed to Login + +devinfo-label = + .label = Label + +devinfo-serialnum = + .label = Serial Number + +fips-nonempty-primary-password-required = FIPS mode requires that you have a Primary Password set for each security device. Please set the password before trying to enable FIPS mode. +unable-to-toggle-fips = Unable to change the FIPS mode for the security device. It is recommended that you exit and restart this application. +load-pk11-module-file-picker-title = Choose a PKCS#11 device driver to load + +# Load Module Dialog +load-module-help-empty-module-name = + .value = The module name cannot be empty. + +# Do not translate 'Root Certs' +load-module-help-root-certs-module-name = + .value = ‘Root Certs‘ is reserved and cannot be used as the module name. + +add-module-failure = Unable to add module +del-module-warning = Are you sure you want to delete this security module? +del-module-error = Unable to delete module diff --git a/l10n-en-GB/security/manager/security/pippki/pippki.ftl b/l10n-en-GB/security/manager/security/pippki/pippki.ftl new file mode 100644 index 0000000000..8170d7dbf7 --- /dev/null +++ b/l10n-en-GB/security/manager/security/pippki/pippki.ftl @@ -0,0 +1,106 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +password-quality-meter = Password quality meter + +## Change Password dialog + +change-device-password-window = + .title = Change Password +# Variables: +# $tokenName (String) - Security device of the change password dialog +change-password-token = Security Device: { $tokenName } +change-password-old = Current password: +change-password-new = New password: +change-password-reenter = New password (again): +pippki-failed-pw-change = Unable to change password. +pippki-incorrect-pw = You did not enter the correct current password. Please try again. +pippki-pw-change-ok = Password successfully changed. +pippki-pw-empty-warning = Your stored passwords and private keys will not be protected. +pippki-pw-erased-ok = You have deleted your password. { pippki-pw-empty-warning } +pippki-pw-not-wanted = Warning! You have decided not to use a password. { pippki-pw-empty-warning } +pippki-pw-change2empty-in-fips-mode = You are currently in FIPS mode. FIPS requires a non-empty password. + +## Reset Primary Password dialog + +reset-primary-password-window2 = + .title = Reset Primary Password + .style = min-width: 40em +reset-password-button-label = + .label = Reset +reset-primary-password-text = If you reset your Primary Password, all your stored web and e-mail passwords, personal certificates, and private keys will be forgotten. Are you sure you want to reset your Primary Password? +pippki-reset-password-confirmation-title = Reset Primary Password +pippki-reset-password-confirmation-message = Your Primary Password has been reset. + +## Downloading cert dialog + +download-cert-window2 = + .title = Downloading Certificate + .style = min-width: 46em +download-cert-message = You have been asked to trust a new Certificate Authority (CA). +download-cert-trust-ssl = + .label = Trust this CA to identify web sites. +download-cert-trust-email = + .label = Trust this CA to identify email users. +download-cert-message-desc = Before trusting this CA for any purpose, you should examine its certificate and its policy and procedures (if available). +download-cert-view-cert = + .label = View +download-cert-view-text = Examine CA certificate + +## Client Authorization Ask dialog + + +## Client Authentication Ask dialog + +client-auth-window = + .title = User Identification Request +client-auth-site-description = This site has requested that you identify yourself with a certificate: +client-auth-choose-cert = Choose a certificate to present as identification: +client-auth-send-no-certificate = + .label = Don’t send a certificate +# Variables: +# $hostname (String) - The domain name of the site requesting the client authentication certificate +client-auth-site-identification = “{ $hostname }” has requested that you identify yourself with a certificate: +client-auth-cert-details = Details of selected certificate: +# Variables: +# $issuedTo (String) - The subject common name of the currently-selected client authentication certificate +client-auth-cert-details-issued-to = Issued to: { $issuedTo } +# Variables: +# $serialNumber (String) - The serial number of the certificate (hexadecimal of the form "AA:BB:...") +client-auth-cert-details-serial-number = Serial number: { $serialNumber } +# Variables: +# $notBefore (String) - The date before which the certificate is not valid (e.g. Apr 21, 2023, 1:47:53 PM UTC) +# $notAfter (String) - The date after which the certificate is not valid +client-auth-cert-details-validity-period = Valid from { $notBefore } to { $notAfter } +# Variables: +# $keyUsages (String) - A list of already-localized key usages for which the certificate may be used +client-auth-cert-details-key-usages = Key Usages: { $keyUsages } +# Variables: +# $emailAddresses (String) - A list of email addresses present in the certificate +client-auth-cert-details-email-addresses = Email addresses: { $emailAddresses } +# Variables: +# $issuedBy (String) - The issuer common name of the certificate +client-auth-cert-details-issued-by = Issued by: { $issuedBy } +# Variables: +# $storedOn (String) - The name of the token holding the certificate (for example, "OS Client Cert Token (Modern)") +client-auth-cert-details-stored-on = Stored on: { $storedOn } +client-auth-cert-remember-box = + .label = Remember this decision + +## Set password (p12) dialog + +set-password-window = + .title = Choose a Certificate Backup Password +set-password-message = The certificate backup password you set here protects the backup file that you are about to create. You must set this password to proceed with the backup. +set-password-backup-pw = + .value = Certificate backup password: +set-password-repeat-backup-pw = + .value = Certificate backup password (again): +set-password-reminder = Important: If you forget your certificate backup password, you will not be able to restore this backup later. Please record it in a safe location. + +## Protected authentication alert + +# Variables: +# $tokenName (String) - The name of the token to authenticate to (for example, "OS Client Cert Token (Modern)") +protected-auth-alert = Please authenticate to the token “{ $tokenName }”. How to do so depends on the token (for example, using a fingerprint reader or entering a code with a keypad). -- cgit v1.2.3