Using A PKI Certificate With Linux And Firefox

Linux based servers and the browser Firefox, which uses the Linux kernel, continue to be very popular options for both IP professionals as well as those with less technical and technology background.

Both are open source which means they are developed by the community that uses the servers and the browser, which means they offer a wide range of features and customization options. They also don't have the same restrictions on what can and cannot be modified as you will find in some of the browsers and servers.

Just an SSL (Secure Sockets Layer) can be used with other types of servers and browsers; it is possible to use a PKI certificate with Linux systems. These PKI certs can include all of our SSL/TLS products as well as our Personal Authentication and Email Certificates.

As with all of our SSL/TLS products the two different options in products will include those designed to protect a domain or a group of domains, which are our various levels and types of SSL/TLS certs. These can include Wildcard, Multi-Domain/SANS certs as well as those for single domains. These types of products are also available at levels of validation from the basic domain validation through to the highest possible of EV or extended validation.

Not all of the options for a PKI certificate with Linux allow for the EV level of validation. For instance, this is not possible with the Wildcard SSL as the level of validation is not possible to maintain with the "wildcard" element in the Fully Qualified Domain Name on the certificate.

However, we can work with you if you have specific needs for higher levels of trust and assurance for your website with the right PKI certificate with Linux to allow that EV level. It is possible to combine products to achieve your goals of the best possible trust and security while also staying within your budget requirements.

Domain Products

When installing a PKI certificate with Linux servers for domain protection, there are several different steps to complete. Our knowledgebase section outlines these in a step-by-step method that is easy to follow even if you are not an IT professional.

It will be important to start the process installation the certificate with a Certificate Signing Request from the Linux server. This generates the information you will send to the Certificate Authority as well as the private key that you will retain and install on the server in a protected file.

The certificate and the public key will be sent to the applicant. This will allow the installation of the certificate into the server with the private key file retained at the time of the Certificate Signing Request.

Once installed it is simple to use the Comodo Certificate Analyzer to ensure the cert is installed and operating correctly. If there are any difficulties at all our support team is here to help.

Personal Authentication Certificates

The PKI certificate with Linux can also be used to install Comodo Personal Authentication Certificates (CPAC) or Client certificates for email security. These will allow the user to both encrypt as well as digitally sign email to ensure the integrity of the message, verification of the sender and assurance that the message has not been altered.

The addition of the digital signature will be required for most types of contracts or other legal documents sent via email. This also ensures what is known as non-repudiation, which prevents the sender from claiming the email was not sent by them or from their account. This is possible because of the use of the paired public and private keys that are at the heart of all Public Key Infrastructure.

As with the domain protection products through or EPKI Manager, if the CPAC requests from the Firefox browser, there will be no need to export or import the documentation and files. In fact, with these products, they will automatically install in the browser.

Should you need to export the cert, there is a simple process that can be completed through the browser controls. This will include finding the personal cert and backing it up with the private key. Remember, the certificate is only one-half of the equation, you will also need to export and important the private key for the digital signature and encryption to function on a new browser or a new device.

To learn more about working with a PKI certificate with Linux, talk to our expert sales team or our tech support team. To find out more go to and ask questions through the live chat feature or give us a call at +1 888 266 6361.

Related Articles
Back to TOP