Unfortunately, upstream, they don't like my patch which comments out the "enable-in" line in /usr/share/p11-kit/modules/gnome-keyring.module, because that patch works by getting gnome-keyring's PKCS#11 module working again, but that module is pretty broken (it has thread safety issues) and they deprecated it because it's no longer maintained. Also gnome-keyring uses the old GNOME 2 module to store certificates, which itself is not ideal.
The approach they want upstream is to replace gnome-keyring's PKCS#11 module with p11-kit's user trust module, but for that to work, considerable other work to that user trust module is still necessary, including some way to store trust assertions. And the search paths for p11-kit probably need to be changed to include some path in the user home directory, otherwise only root can add new client certificates. Nobody upstream seem to be available/interested in that p11-kit development, and I am not sure when I'll have time. Hopefully soon. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1771880 Title: Seahorse unable to import pkcs12 certificates To manage notifications about this bug go to: https://bugs.launchpad.net/seahorse/+bug/1771880/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
