offlinehoster · September 19, 2019 09:18
diff --git a/sectigo.fail b/sectigo.fail
 Some days/weeks ago, Mozilla*¹ has dropped keygen functionality from Firefox.

 Current providers like Comodo, and now Sectigo had implemented these functionality to there web ui for creating SMIME certificates.

 Since some days, we're currently in a renew phase of our SMIME certificates, we found out that you are not able to order/create certificates with a current FireFox browser anymore.
 Just 2 years afo Chome already dropped that keygen functionality from their browser.

 I just sent some mails to Sectigo.com to tell them, that there is a big issue with the order and the request will end up in a loop.
 They tried to tell me how I have to collect the certificate....multiple times...
 After I searched the web for more information I found the article about the keygen functionality drop *².

 Than I told Sectigo about this big issue in the order process, because they're are telling everbody that you can use the following browsers:
 1. Microsoft Internet Explorer
 2. Microsoft Edge
 3. Mozilla Firefox
 4. Google Chrome

 They also tell you, that Google Chrome is only working within version 49, later versions are not supported because of the dropped keygen functionality.

 So we used Firefox, because on a Linux and Mac based environment you only have these options!

 And this is how this gist/tweet/mail started.

 The answer Sectigo gave to us, was just this:
 ##################################################
 Currently, Internet explorer is the only recommended browser to enroll and collect the SMIME certificate. So I kindly request you to use a windows system to enroll and collect the email certificate. Then you can export the pfx and import it on the machine you want.

 Please let us know if you need any further assistance

 Regards, 
 Technical Support - SECTIGO
 ##################################################

 And now let us think about. Linux and Mac based environment and the "internet explorer" recommandation.

 This is also not the recommended privacy policy a user would like to have. "Let others create your personal mail certificate"  - you also could tell them just to read all of your mails or just send "everybody who is involved to this process" your mails.

 @Sectigo: You fail and deal with it! Just provide the upload for a self generated certificate which you guys only have to sign.



 *¹ https://bugzilla.mozilla.org/show_bug.cgi?id=1315460
 *² https://www.fxsitecompat.dev/en-CA/docs/2019/keygen-support-has-been-dropped/
 *³ https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N000000zFKX
	Some days/weeks ago, Mozilla*¹ has dropped keygen functionality from Firefox.

	Current providers like Comodo, and now Sectigo had implemented these functionality to there web ui for creating SMIME certificates.

	Since some days, we're currently in a renew phase of our SMIME certificates, we found out that you are not able to order/create certificates with a current FireFox browser anymore.
	Just 2 years afo Chome already dropped that keygen functionality from their browser.

	I just sent some mails to Sectigo.com to tell them, that there is a big issue with the order and the request will end up in a loop.
	They tried to tell me how I have to collect the certificate....multiple times...
	After I searched the web for more information I found the article about the keygen functionality drop *².

	Than I told Sectigo about this big issue in the order process, because they're are telling everbody that you can use the following browsers:
	1. Microsoft Internet Explorer
	2. Microsoft Edge
	3. Mozilla Firefox
	4. Google Chrome

	They also tell you, that Google Chrome is only working within version 49, later versions are not supported because of the dropped keygen functionality.

	So we used Firefox, because on a Linux and Mac based environment you only have these options!

	And this is how this gist/tweet/mail started.

	The answer Sectigo gave to us, was just this:
	##################################################
	Currently, Internet explorer is the only recommended browser to enroll and collect the SMIME certificate. So I kindly request you to use a windows system to enroll and collect the email certificate. Then you can export the pfx and import it on the machine you want.

	Please let us know if you need any further assistance

	Regards,
	Technical Support - SECTIGO
	##################################################

	And now let us think about. Linux and Mac based environment and the "internet explorer" recommandation.

	This is also not the recommended privacy policy a user would like to have. "Let others create your personal mail certificate" - you also could tell them just to read all of your mails or just send "everybody who is involved to this process" your mails.

	@Sectigo: You fail and deal with it! Just provide the upload for a self generated certificate which you guys only have to sign.



	*¹ https://bugzilla.mozilla.org/show_bug.cgi?id=1315460
	*² https://www.fxsitecompat.dev/en-CA/docs/2019/keygen-support-has-been-dropped/
	*³ https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N000000zFKX