If you get a message that the clock on your computer does not match the server's time, you should check the Date and Time control panel (or similar service) on your computer. Most systems offer the option of synchronizing with a network time server. It may be necessary to quit and restart the Web Browser for the time to be updated completely (added 9/16/02)
If your personal certificate is not "verified" check that you have the Dartmouth College and CREN root certificates downloaded into your browser
Mozilla and Netscape do not automatically set "accepted" uses for your certificates. After certificates are downloaded, you select and "edit" them to accept their uses.
[ ] Trust this CA to identify web sites [ ] Trust this CA to identify email users [ ] Trust this CA to identify software developers
If the tabs and functions lists are missing from the Netscape Certificate Management System window, turn on Javascript in your web browser.
If the web site has set "client side SSL authentication" as "optional", you may get an error message if you don't have a personal certificate. (-12095)? (You may also see this message if you are using a self signed certificate and the web server is expecting a chain of certificates.)
tried to authenticate to PKI lab site, continued to ask for cert until I canceled then reported failure: error -12227
Mozilla vers 1.0 does not update the "Certificate Manager" window after you have deleted a certificate. If you notice this and try to delete a cert a second time you will crash Mozilla. Instead, quit and restart Mozilla. The deleted certificates are no longer displayed. (added 9/16/02)
If you need to reset the computer's clock because a problem in the middle of a PKI operation, you may need to restart the web browser to get it to recognize changed time setting.
If you are asked for your password every 20 seconds, you have the "Passwords" preference for "Communicator will ask for this Password:" set to "Every time your certificate is needed". This only happens in version 4 of Netscape. Set the preference to "The first time your certificate is needed" (Each SSL idle reconnect is causing a request for the password.)
Key and Certificate security are set to low when you download a certificate. To change that you must export and then reimport the key and certificate. The import certificate wizard sets "low" security by default as well. Choose the "Enable strong private key protection" option to set medium or high (recommended) security.