summaryrefslogtreecommitdiffstats
path: root/security/manager/locales/en-US/chrome
diff options
context:
space:
mode:
Diffstat (limited to 'security/manager/locales/en-US/chrome')
-rw-r--r--security/manager/locales/en-US/chrome/pipnss/nsserrors.properties329
-rwxr-xr-xsecurity/manager/locales/en-US/chrome/pipnss/pipnss.properties297
-rw-r--r--security/manager/locales/en-US/chrome/pippki/certManager.dtd93
-rw-r--r--security/manager/locales/en-US/chrome/pippki/deviceManager.dtd36
-rw-r--r--security/manager/locales/en-US/chrome/pippki/pippki.dtd51
-rw-r--r--security/manager/locales/en-US/chrome/pippki/pippki.properties192
6 files changed, 998 insertions, 0 deletions
diff --git a/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties b/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
new file mode 100644
index 000000000..31274f985
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
@@ -0,0 +1,329 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+SSL_ERROR_EXPORT_ONLY_SERVER=Unable to communicate securely. Peer does not support high-grade encryption.
+SSL_ERROR_US_ONLY_SERVER=Unable to communicate securely. Peer requires high-grade encryption which is not supported.
+SSL_ERROR_NO_CYPHER_OVERLAP=Cannot communicate securely with peer: no common encryption algorithm(s).
+SSL_ERROR_NO_CERTIFICATE=Unable to find the certificate or key necessary for authentication.
+SSL_ERROR_BAD_CERTIFICATE=Unable to communicate securely with peer: peers’s certificate was rejected.
+SSL_ERROR_BAD_CLIENT=The server has encountered bad data from the client.
+SSL_ERROR_BAD_SERVER=The client has encountered bad data from the server.
+SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE=Unsupported certificate type.
+SSL_ERROR_UNSUPPORTED_VERSION=Peer using unsupported version of security protocol.
+SSL_ERROR_WRONG_CERTIFICATE=Client authentication failed: private key in key database does not match public key in certificate database.
+SSL_ERROR_BAD_CERT_DOMAIN=Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
+SSL_ERROR_POST_WARNING=Unrecognized SSL error code.
+SSL_ERROR_SSL2_DISABLED=Peer only supports SSL version 2, which is locally disabled.
+SSL_ERROR_BAD_MAC_READ=SSL received a record with an incorrect Message Authentication Code.
+SSL_ERROR_BAD_MAC_ALERT=SSL peer reports incorrect Message Authentication Code.
+SSL_ERROR_BAD_CERT_ALERT=SSL peer cannot verify your certificate.
+SSL_ERROR_REVOKED_CERT_ALERT=SSL peer rejected your certificate as revoked.
+SSL_ERROR_EXPIRED_CERT_ALERT=SSL peer rejected your certificate as expired.
+SSL_ERROR_SSL_DISABLED=Cannot connect: SSL is disabled.
+SSL_ERROR_FORTEZZA_PQG=Cannot connect: SSL peer is in another FORTEZZA domain.
+SSL_ERROR_UNKNOWN_CIPHER_SUITE=An unknown SSL cipher suite has been requested.
+SSL_ERROR_NO_CIPHERS_SUPPORTED=No cipher suites are present and enabled in this program.
+SSL_ERROR_BAD_BLOCK_PADDING=SSL received a record with bad block padding.
+SSL_ERROR_RX_RECORD_TOO_LONG=SSL received a record that exceeded the maximum permissible length.
+SSL_ERROR_TX_RECORD_TOO_LONG=SSL attempted to send a record that exceeded the maximum permissible length.
+SSL_ERROR_RX_MALFORMED_HELLO_REQUEST=SSL received a malformed Hello Request handshake message.
+SSL_ERROR_RX_MALFORMED_CLIENT_HELLO=SSL received a malformed Client Hello handshake message.
+SSL_ERROR_RX_MALFORMED_SERVER_HELLO=SSL received a malformed Server Hello handshake message.
+SSL_ERROR_RX_MALFORMED_CERTIFICATE=SSL received a malformed Certificate handshake message.
+SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH=SSL received a malformed Server Key Exchange handshake message.
+SSL_ERROR_RX_MALFORMED_CERT_REQUEST=SSL received a malformed Certificate Request handshake message.
+SSL_ERROR_RX_MALFORMED_HELLO_DONE=SSL received a malformed Server Hello Done handshake message.
+SSL_ERROR_RX_MALFORMED_CERT_VERIFY=SSL received a malformed Certificate Verify handshake message.
+SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH=SSL received a malformed Client Key Exchange handshake message.
+SSL_ERROR_RX_MALFORMED_FINISHED=SSL received a malformed Finished handshake message.
+SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER=SSL received a malformed Change Cipher Spec record.
+SSL_ERROR_RX_MALFORMED_ALERT=SSL received a malformed Alert record.
+SSL_ERROR_RX_MALFORMED_HANDSHAKE=SSL received a malformed Handshake record.
+SSL_ERROR_RX_MALFORMED_APPLICATION_DATA=SSL received a malformed Application Data record.
+SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST=SSL received an unexpected Hello Request handshake message.
+SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO=SSL received an unexpected Client Hello handshake message.
+SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO=SSL received an unexpected Server Hello handshake message.
+SSL_ERROR_RX_UNEXPECTED_CERTIFICATE=SSL received an unexpected Certificate handshake message.
+SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH=SSL received an unexpected Server Key Exchange handshake message.
+SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST=SSL received an unexpected Certificate Request handshake message.
+SSL_ERROR_RX_UNEXPECTED_HELLO_DONE=SSL received an unexpected Server Hello Done handshake message.
+SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY=SSL received an unexpected Certificate Verify handshake message.
+SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH=SSL received an unexpected Client Key Exchange handshake message.
+SSL_ERROR_RX_UNEXPECTED_FINISHED=SSL received an unexpected Finished handshake message.
+SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER=SSL received an unexpected Change Cipher Spec record.
+SSL_ERROR_RX_UNEXPECTED_ALERT=SSL received an unexpected Alert record.
+SSL_ERROR_RX_UNEXPECTED_HANDSHAKE=SSL received an unexpected Handshake record.
+SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA=SSL received an unexpected Application Data record.
+SSL_ERROR_RX_UNKNOWN_RECORD_TYPE=SSL received a record with an unknown content type.
+SSL_ERROR_RX_UNKNOWN_HANDSHAKE=SSL received a handshake message with an unknown message type.
+SSL_ERROR_RX_UNKNOWN_ALERT=SSL received an alert record with an unknown alert description.
+SSL_ERROR_CLOSE_NOTIFY_ALERT=SSL peer has closed this connection.
+SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT=SSL peer was not expecting a handshake message it received.
+SSL_ERROR_DECOMPRESSION_FAILURE_ALERT=SSL peer was unable to successfully decompress an SSL record it received.
+SSL_ERROR_HANDSHAKE_FAILURE_ALERT=SSL peer was unable to negotiate an acceptable set of security parameters.
+SSL_ERROR_ILLEGAL_PARAMETER_ALERT=SSL peer rejected a handshake message for unacceptable content.
+SSL_ERROR_UNSUPPORTED_CERT_ALERT=SSL peer does not support certificates of the type it received.
+SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT=SSL peer had some unspecified issue with the certificate it received.
+SSL_ERROR_GENERATE_RANDOM_FAILURE=SSL experienced a failure of its random number generator.
+SSL_ERROR_SIGN_HASHES_FAILURE=Unable to digitally sign data required to verify your certificate.
+SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE=SSL was unable to extract the public key from the peer’s certificate.
+SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE=Unspecified failure while processing SSL Server Key Exchange handshake.
+SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE=Unspecified failure while processing SSL Client Key Exchange handshake.
+SSL_ERROR_ENCRYPTION_FAILURE=Bulk data encryption algorithm failed in selected cipher suite.
+SSL_ERROR_DECRYPTION_FAILURE=Bulk data decryption algorithm failed in selected cipher suite.
+SSL_ERROR_SOCKET_WRITE_FAILURE=Attempt to write encrypted data to underlying socket failed.
+SSL_ERROR_MD5_DIGEST_FAILURE=MD5 digest function failed.
+SSL_ERROR_SHA_DIGEST_FAILURE=SHA-1 digest function failed.
+SSL_ERROR_MAC_COMPUTATION_FAILURE=MAC computation failed.
+SSL_ERROR_SYM_KEY_CONTEXT_FAILURE=Failure to create Symmetric Key context.
+SSL_ERROR_SYM_KEY_UNWRAP_FAILURE=Failure to unwrap the Symmetric key in Client Key Exchange message.
+SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED=SSL Server attempted to use domestic-grade public key with export cipher suite.
+SSL_ERROR_IV_PARAM_FAILURE=PKCS11 code failed to translate an IV into a param.
+SSL_ERROR_INIT_CIPHER_SUITE_FAILURE=Failed to initialize the selected cipher suite.
+SSL_ERROR_SESSION_KEY_GEN_FAILURE=Client failed to generate session keys for SSL session.
+SSL_ERROR_NO_SERVER_KEY_FOR_ALG=Server has no key for the attempted key exchange algorithm.
+SSL_ERROR_TOKEN_INSERTION_REMOVAL=PKCS#11 token was inserted or removed while operation was in progress.
+SSL_ERROR_TOKEN_SLOT_NOT_FOUND=No PKCS#11 token could be found to do a required operation.
+SSL_ERROR_NO_COMPRESSION_OVERLAP=Cannot communicate securely with peer: no common compression algorithm(s).
+SSL_ERROR_HANDSHAKE_NOT_COMPLETED=Cannot initiate another SSL handshake until current handshake is complete.
+SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE=Received incorrect handshakes hash values from peer.
+SSL_ERROR_CERT_KEA_MISMATCH=The certificate provided cannot be used with the selected key exchange algorithm.
+SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA=No certificate authority is trusted for SSL client authentication.
+SSL_ERROR_SESSION_NOT_FOUND=Client’s SSL session ID not found in server’s session cache.
+SSL_ERROR_DECRYPTION_FAILED_ALERT=Peer was unable to decrypt an SSL record it received.
+SSL_ERROR_RECORD_OVERFLOW_ALERT=Peer received an SSL record that was longer than is permitted.
+SSL_ERROR_UNKNOWN_CA_ALERT=Peer does not recognize and trust the CA that issued your certificate.
+SSL_ERROR_ACCESS_DENIED_ALERT=Peer received a valid certificate, but access was denied.
+SSL_ERROR_DECODE_ERROR_ALERT=Peer could not decode an SSL handshake message.
+SSL_ERROR_DECRYPT_ERROR_ALERT=Peer reports failure of signature verification or key exchange.
+SSL_ERROR_EXPORT_RESTRICTION_ALERT=Peer reports negotiation not in compliance with export regulations.
+SSL_ERROR_PROTOCOL_VERSION_ALERT=Peer reports incompatible or unsupported protocol version.
+SSL_ERROR_INSUFFICIENT_SECURITY_ALERT=Server requires ciphers more secure than those supported by client.
+SSL_ERROR_INTERNAL_ERROR_ALERT=Peer reports it experienced an internal error.
+SSL_ERROR_USER_CANCELED_ALERT=Peer user canceled handshake.
+SSL_ERROR_NO_RENEGOTIATION_ALERT=Peer does not permit renegotiation of SSL security parameters.
+SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED=SSL server cache not configured and not disabled for this socket.
+SSL_ERROR_UNSUPPORTED_EXTENSION_ALERT=SSL peer does not support requested TLS hello extension.
+SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT=SSL peer could not obtain your certificate from the supplied URL.
+SSL_ERROR_UNRECOGNIZED_NAME_ALERT=SSL peer has no certificate for the requested DNS name.
+SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT=SSL peer was unable to get an OCSP response for its certificate.
+SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT=SSL peer reported bad certificate hash value.
+SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET=SSL received an unexpected New Session Ticket handshake message.
+SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET=SSL received a malformed New Session Ticket handshake message.
+SSL_ERROR_DECOMPRESSION_FAILURE=SSL received a compressed record that could not be decompressed.
+SSL_ERROR_RENEGOTIATION_NOT_ALLOWED=Renegotiation is not allowed on this SSL socket.
+SSL_ERROR_UNSAFE_NEGOTIATION=Peer attempted old style (potentially vulnerable) handshake.
+SSL_ERROR_RX_UNEXPECTED_UNCOMPRESSED_RECORD=SSL received an unexpected uncompressed record.
+SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY=SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.
+SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID=SSL received invalid NPN extension data.
+SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2=SSL feature not supported for SSL 2.0 connections.
+SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SERVERS=SSL feature not supported for servers.
+SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_CLIENTS=SSL feature not supported for clients.
+SSL_ERROR_INVALID_VERSION_RANGE=SSL version range is not valid.
+SSL_ERROR_CIPHER_DISALLOWED_FOR_VERSION=SSL peer selected a cipher suite disallowed for the selected protocol version.
+SSL_ERROR_RX_MALFORMED_HELLO_VERIFY_REQUEST=SSL received a malformed Hello Verify Request handshake message.
+SSL_ERROR_RX_UNEXPECTED_HELLO_VERIFY_REQUEST=SSL received an unexpected Hello Verify Request handshake message.
+SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_VERSION=SSL feature not supported for the protocol version.
+SSL_ERROR_RX_UNEXPECTED_CERT_STATUS=SSL received an unexpected Certificate Status handshake message.
+SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM=Unsupported hash algorithm used by TLS peer.
+SSL_ERROR_DIGEST_FAILURE=Digest function failed.
+SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM=Incorrect signature algorithm specified in a digitally-signed element.
+SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK=The next protocol negotiation extension was enabled, but the callback was cleared prior to being needed.
+SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL=The server supports no protocols that the client advertises in the ALPN extension.
+SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT=The server rejected the handshake because the client downgraded to a lower TLS version than the server supports.
+SSL_ERROR_WEAK_SERVER_CERT_KEY=The server certificate included a public key that was too weak.
+SSL_ERROR_RX_SHORT_DTLS_READ=Not enough room in buffer for DTLS record.
+SSL_ERROR_NO_SUPPORTED_SIGNATURE_ALGORITHM=No supported TLS signature algorithm was configured.
+SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM=The peer used an unsupported combination of signature and hash algorithm.
+SSL_ERROR_MISSING_EXTENDED_MASTER_SECRET=The peer tried to resume without a correct extended_master_secret extension.
+SSL_ERROR_UNEXPECTED_EXTENDED_MASTER_SECRET=The peer tried to resume with an unexpected extended_master_secret extension.
+SEC_ERROR_IO=An I/O error occurred during security authorization.
+SEC_ERROR_LIBRARY_FAILURE=security library failure.
+SEC_ERROR_BAD_DATA=security library: received bad data.
+SEC_ERROR_OUTPUT_LEN=security library: output length error.
+SEC_ERROR_INPUT_LEN=security library has experienced an input length error.
+SEC_ERROR_INVALID_ARGS=security library: invalid arguments.
+SEC_ERROR_INVALID_ALGORITHM=security library: invalid algorithm.
+SEC_ERROR_INVALID_AVA=security library: invalid AVA.
+SEC_ERROR_INVALID_TIME=Improperly formatted time string.
+SEC_ERROR_BAD_DER=security library: improperly formatted DER-encoded message.
+SEC_ERROR_BAD_SIGNATURE=Peer’s certificate has an invalid signature.
+SEC_ERROR_EXPIRED_CERTIFICATE=Peer’s Certificate has expired.
+SEC_ERROR_REVOKED_CERTIFICATE=Peer’s Certificate has been revoked.
+SEC_ERROR_UNKNOWN_ISSUER=Peer’s Certificate issuer is not recognized.
+SEC_ERROR_BAD_KEY=Peer’s public key is invalid.
+SEC_ERROR_BAD_PASSWORD=The security password entered is incorrect.
+SEC_ERROR_RETRY_PASSWORD=New password entered incorrectly. Please try again.
+SEC_ERROR_NO_NODELOCK=security library: no nodelock.
+SEC_ERROR_BAD_DATABASE=security library: bad database.
+SEC_ERROR_NO_MEMORY=security library: memory allocation failure.
+SEC_ERROR_UNTRUSTED_ISSUER=Peer’s certificate issuer has been marked as not trusted by the user.
+SEC_ERROR_UNTRUSTED_CERT=Peer’s certificate has been marked as not trusted by the user.
+SEC_ERROR_DUPLICATE_CERT=Certificate already exists in your database.
+SEC_ERROR_DUPLICATE_CERT_NAME=Downloaded certificate’s name duplicates one already in your database.
+SEC_ERROR_ADDING_CERT=Error adding certificate to database.
+SEC_ERROR_FILING_KEY=Error refiling the key for this certificate.
+SEC_ERROR_NO_KEY=The private key for this certificate cannot be found in key database
+SEC_ERROR_CERT_VALID=This certificate is valid.
+SEC_ERROR_CERT_NOT_VALID=This certificate is not valid.
+SEC_ERROR_CERT_NO_RESPONSE=Cert Library: No Response
+SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE=The certificate issuer’s certificate has expired. Check your system date and time.
+SEC_ERROR_CRL_EXPIRED=The CRL for the certificate’s issuer has expired. Update it or check your system date and time.
+SEC_ERROR_CRL_BAD_SIGNATURE=The CRL for the certificate’s issuer has an invalid signature.
+SEC_ERROR_CRL_INVALID=New CRL has an invalid format.
+SEC_ERROR_EXTENSION_VALUE_INVALID=Certificate extension value is invalid.
+SEC_ERROR_EXTENSION_NOT_FOUND=Certificate extension not found.
+SEC_ERROR_CA_CERT_INVALID=Issuer certificate is invalid.
+SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID=Certificate path length constraint is invalid.
+SEC_ERROR_CERT_USAGES_INVALID=Certificate usages field is invalid.
+SEC_INTERNAL_ONLY=**Internal ONLY module**
+SEC_ERROR_INVALID_KEY=The key does not support the requested operation.
+SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION=Certificate contains unknown critical extension.
+SEC_ERROR_OLD_CRL=New CRL is not later than the current one.
+SEC_ERROR_NO_EMAIL_CERT=Not encrypted or signed: you do not yet have an email certificate.
+SEC_ERROR_NO_RECIPIENT_CERTS_QUERY=Not encrypted: you do not have certificates for each of the recipients.
+SEC_ERROR_NOT_A_RECIPIENT=Cannot decrypt: you are not a recipient, or matching certificate and private key not found.
+SEC_ERROR_PKCS7_KEYALG_MISMATCH=Cannot decrypt: key encryption algorithm does not match your certificate.
+SEC_ERROR_PKCS7_BAD_SIGNATURE=Signature verification failed: no signer found, too many signers found, or improper or corrupted data.
+SEC_ERROR_UNSUPPORTED_KEYALG=Unsupported or unknown key algorithm.
+SEC_ERROR_DECRYPTION_DISALLOWED=Cannot decrypt: encrypted using a disallowed algorithm or key size.
+XP_SEC_FORTEZZA_BAD_CARD=Fortezza card has not been properly initialized. Please remove it and return it to your issuer.
+XP_SEC_FORTEZZA_NO_CARD=No Fortezza cards Found
+XP_SEC_FORTEZZA_NONE_SELECTED=No Fortezza card selected
+XP_SEC_FORTEZZA_MORE_INFO=Please select a personality to get more info on
+XP_SEC_FORTEZZA_PERSON_NOT_FOUND=Personality not found
+XP_SEC_FORTEZZA_NO_MORE_INFO=No more information on that Personality
+XP_SEC_FORTEZZA_BAD_PIN=Invalid Pin
+XP_SEC_FORTEZZA_PERSON_ERROR=Couldn’t initialize Fortezza personalities.
+SEC_ERROR_NO_KRL=No KRL for this site’s certificate has been found.
+SEC_ERROR_KRL_EXPIRED=The KRL for this site’s certificate has expired.
+SEC_ERROR_KRL_BAD_SIGNATURE=The KRL for this site’s certificate has an invalid signature.
+SEC_ERROR_REVOKED_KEY=The key for this site’s certificate has been revoked.
+SEC_ERROR_KRL_INVALID=New KRL has an invalid format.
+SEC_ERROR_NEED_RANDOM=security library: need random data.
+SEC_ERROR_NO_MODULE=security library: no security module can perform the requested operation.
+SEC_ERROR_NO_TOKEN=The security card or token does not exist, needs to be initialized, or has been removed.
+SEC_ERROR_READ_ONLY=security library: read-only database.
+SEC_ERROR_NO_SLOT_SELECTED=No slot or token was selected.
+SEC_ERROR_CERT_NICKNAME_COLLISION=A certificate with the same nickname already exists.
+SEC_ERROR_KEY_NICKNAME_COLLISION=A key with the same nickname already exists.
+SEC_ERROR_SAFE_NOT_CREATED=error while creating safe object
+SEC_ERROR_BAGGAGE_NOT_CREATED=error while creating baggage object
+XP_JAVA_REMOVE_PRINCIPAL_ERROR=Couldn’t remove the principal
+XP_JAVA_DELETE_PRIVILEGE_ERROR=Couldn’t delete the privilege
+XP_JAVA_CERT_NOT_EXISTS_ERROR=This principal doesn’t have a certificate
+SEC_ERROR_BAD_EXPORT_ALGORITHM=Required algorithm is not allowed.
+SEC_ERROR_EXPORTING_CERTIFICATES=Error attempting to export certificates.
+SEC_ERROR_IMPORTING_CERTIFICATES=Error attempting to import certificates.
+SEC_ERROR_PKCS12_DECODING_PFX=Unable to import. Decoding error. File not valid.
+SEC_ERROR_PKCS12_INVALID_MAC=Unable to import. Invalid MAC. Incorrect password or corrupt file.
+SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM=Unable to import. MAC algorithm not supported.
+SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE=Unable to import. Only password integrity and privacy modes supported.
+SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE=Unable to import. File structure is corrupt.
+SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM=Unable to import. Encryption algorithm not supported.
+SEC_ERROR_PKCS12_UNSUPPORTED_VERSION=Unable to import. File version not supported.
+SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT=Unable to import. Incorrect privacy password.
+SEC_ERROR_PKCS12_CERT_COLLISION=Unable to import. Same nickname already exists in database.
+SEC_ERROR_USER_CANCELLED=The user pressed cancel.
+SEC_ERROR_PKCS12_DUPLICATE_DATA=Not imported, already in database.
+SEC_ERROR_MESSAGE_SEND_ABORTED=Message not sent.
+SEC_ERROR_INADEQUATE_KEY_USAGE=Certificate key usage inadequate for attempted operation.
+SEC_ERROR_INADEQUATE_CERT_TYPE=Certificate type not approved for application.
+SEC_ERROR_CERT_ADDR_MISMATCH=Address in signing certificate does not match address in message headers.
+SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY=Unable to import. Error attempting to import private key.
+SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN=Unable to import. Error attempting to import certificate chain.
+SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME=Unable to export. Unable to locate certificate or key by nickname.
+SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY=Unable to export. Private Key could not be located and exported.
+SEC_ERROR_PKCS12_UNABLE_TO_WRITE=Unable to export. Unable to write the export file.
+SEC_ERROR_PKCS12_UNABLE_TO_READ=Unable to import. Unable to read the import file.
+SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED=Unable to export. Key database corrupt or deleted.
+SEC_ERROR_KEYGEN_FAIL=Unable to generate public/private key pair.
+SEC_ERROR_INVALID_PASSWORD=Password entered is invalid. Please pick a different one.
+SEC_ERROR_RETRY_OLD_PASSWORD=Old password entered incorrectly. Please try again.
+SEC_ERROR_BAD_NICKNAME=Certificate nickname already in use.
+SEC_ERROR_NOT_FORTEZZA_ISSUER=Peer FORTEZZA chain has a non-FORTEZZA Certificate.
+SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY=A sensitive key cannot be moved to the slot where it is needed.
+SEC_ERROR_JS_INVALID_MODULE_NAME=Invalid module name.
+SEC_ERROR_JS_INVALID_DLL=Invalid module path/filename
+SEC_ERROR_JS_ADD_MOD_FAILURE=Unable to add module
+SEC_ERROR_JS_DEL_MOD_FAILURE=Unable to delete module
+SEC_ERROR_OLD_KRL=New KRL is not later than the current one.
+SEC_ERROR_CKL_CONFLICT=New CKL has different issuer than current CKL. Delete current CKL.
+SEC_ERROR_CERT_NOT_IN_NAME_SPACE=The Certifying Authority for this certificate is not permitted to issue a certificate with this name.
+SEC_ERROR_KRL_NOT_YET_VALID=The key revocation list for this certificate is not yet valid.
+SEC_ERROR_CRL_NOT_YET_VALID=The certificate revocation list for this certificate is not yet valid.
+SEC_ERROR_UNKNOWN_CERT=The requested certificate could not be found.
+SEC_ERROR_UNKNOWN_SIGNER=The signer’s certificate could not be found.
+SEC_ERROR_CERT_BAD_ACCESS_LOCATION=The location for the certificate status server has invalid format.
+SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE=The OCSP response cannot be fully decoded; it is of an unknown type.
+SEC_ERROR_OCSP_BAD_HTTP_RESPONSE=The OCSP server returned unexpected/invalid HTTP data.
+SEC_ERROR_OCSP_MALFORMED_REQUEST=The OCSP server found the request to be corrupted or improperly formed.
+SEC_ERROR_OCSP_SERVER_ERROR=The OCSP server experienced an internal error.
+SEC_ERROR_OCSP_TRY_SERVER_LATER=The OCSP server suggests trying again later.
+SEC_ERROR_OCSP_REQUEST_NEEDS_SIG=The OCSP server requires a signature on this request.
+SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST=The OCSP server has refused this request as unauthorized.
+SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS=The OCSP server returned an unrecognizable status.
+SEC_ERROR_OCSP_UNKNOWN_CERT=The OCSP server has no status for the certificate.
+SEC_ERROR_OCSP_NOT_ENABLED=You must enable OCSP before performing this operation.
+SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER=You must set the OCSP default responder before performing this operation.
+SEC_ERROR_OCSP_MALFORMED_RESPONSE=The response from the OCSP server was corrupted or improperly formed.
+SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE=The signer of the OCSP response is not authorized to give status for this certificate.
+SEC_ERROR_OCSP_FUTURE_RESPONSE=The OCSP response is not yet valid (contains a date in the future).
+SEC_ERROR_OCSP_OLD_RESPONSE=The OCSP response contains out-of-date information.
+SEC_ERROR_DIGEST_NOT_FOUND=The CMS or PKCS #7 Digest was not found in signed message.
+SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE=The CMS or PKCS #7 Message type is unsupported.
+SEC_ERROR_MODULE_STUCK=PKCS #11 module could not be removed because it is still in use.
+SEC_ERROR_BAD_TEMPLATE=Could not decode ASN.1 data. Specified template was invalid.
+SEC_ERROR_CRL_NOT_FOUND=No matching CRL was found.
+SEC_ERROR_REUSED_ISSUER_AND_SERIAL=You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert.
+SEC_ERROR_BUSY=NSS could not shutdown. Objects are still in use.
+SEC_ERROR_EXTRA_INPUT=DER-encoded message contained extra unused data.
+SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE=Unsupported elliptic curve.
+SEC_ERROR_UNSUPPORTED_EC_POINT_FORM=Unsupported elliptic curve point form.
+SEC_ERROR_UNRECOGNIZED_OID=Unrecognized Object Identifier.
+SEC_ERROR_OCSP_INVALID_SIGNING_CERT=Invalid OCSP signing certificate in OCSP response.
+SEC_ERROR_REVOKED_CERTIFICATE_CRL=Certificate is revoked in issuer’s certificate revocation list.
+SEC_ERROR_REVOKED_CERTIFICATE_OCSP=Issuer’s OCSP responder reports certificate is revoked.
+SEC_ERROR_CRL_INVALID_VERSION=Issuer’s Certificate Revocation List has an unknown version number.
+SEC_ERROR_CRL_V1_CRITICAL_EXTENSION=Issuer’s V1 Certificate Revocation List has a critical extension.
+SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION=Issuer’s V2 Certificate Revocation List has an unknown critical extension.
+SEC_ERROR_UNKNOWN_OBJECT_TYPE=Unknown object type specified.
+SEC_ERROR_INCOMPATIBLE_PKCS11=PKCS #11 driver violates the spec in an incompatible way.
+SEC_ERROR_NO_EVENT=No new slot event is available at this time.
+SEC_ERROR_CRL_ALREADY_EXISTS=CRL already exists.
+SEC_ERROR_NOT_INITIALIZED=NSS is not initialized.
+SEC_ERROR_TOKEN_NOT_LOGGED_IN=The operation failed because the PKCS#11 token is not logged in.
+SEC_ERROR_OCSP_RESPONDER_CERT_INVALID=Configured OCSP responder’s certificate is invalid.
+SEC_ERROR_OCSP_BAD_SIGNATURE=OCSP response has an invalid signature.
+SEC_ERROR_OUT_OF_SEARCH_LIMITS=Cert validation search is out of search limits
+SEC_ERROR_INVALID_POLICY_MAPPING=Policy mapping contains anypolicy
+SEC_ERROR_POLICY_VALIDATION_FAILED=Cert chain fails policy validation
+SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE=Unknown location type in cert AIA extension
+SEC_ERROR_BAD_HTTP_RESPONSE=Server returned bad HTTP response
+SEC_ERROR_BAD_LDAP_RESPONSE=Server returned bad LDAP response
+SEC_ERROR_FAILED_TO_ENCODE_DATA=Failed to encode data with ASN1 encoder
+SEC_ERROR_BAD_INFO_ACCESS_LOCATION=Bad information access location in cert extension
+SEC_ERROR_LIBPKIX_INTERNAL=Libpkix internal error occurred during cert validation.
+SEC_ERROR_PKCS11_GENERAL_ERROR=A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.
+SEC_ERROR_PKCS11_FUNCTION_FAILED=A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed.
+SEC_ERROR_PKCS11_DEVICE_ERROR=A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot.
+SEC_ERROR_BAD_INFO_ACCESS_METHOD=Unknown information access method in certificate extension.
+SEC_ERROR_CRL_IMPORT_FAILED=Error attempting to import a CRL.
+SEC_ERROR_EXPIRED_PASSWORD=The password expired.
+SEC_ERROR_LOCKED_PASSWORD=The password is locked.
+SEC_ERROR_UNKNOWN_PKCS11_ERROR=Unknown PKCS #11 error.
+SEC_ERROR_BAD_CRL_DP_URL=Invalid or unsupported URL in CRL distribution point name.
+SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED=The certificate was signed using a signature algorithm that is disabled because it is not secure.
+MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE=The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden.
+MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY=The server uses a certificate with a basic constraints extension identifying it as a certificate authority. For a properly-issued certificate, this should not be the case.
+MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE=The server presented a certificate with a key size that is too small to establish a secure connection.
+MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA=An X.509 version 1 certificate that is not a trust anchor was used to issue the server’s certificate. X.509 version 1 certificates are deprecated and should not be used to sign other certificates.
+MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE=The server presented a certificate that is not yet valid.
+MOZILLA_PKIX_ERROR_NOT_YET_VALID_ISSUER_CERTIFICATE=A certificate that is not yet valid was used to issue the server’s certificate.
+MOZILLA_PKIX_ERROR_SIGNATURE_ALGORITHM_MISMATCH=The signature algorithm in the signature field of the certificate does not match the algorithm in its signatureAlgorithm field.
+MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING=The OCSP response does not include a status for the certificate being verified.
+MOZILLA_PKIX_ERROR_VALIDITY_TOO_LONG=The server presented a certificate that is valid for too long.
+MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING=A required TLS feature is missing.
+MOZILLA_PKIX_ERROR_INVALID_INTEGER_ENCODING=The server presented a certificate that contains an invalid encoding of an integer. Common causes include negative serial numbers, negative RSA moduli, and encodings that are longer than necessary.
+MOZILLA_PKIX_ERROR_EMPTY_ISSUER_NAME=The server presented a certificate with an empty issuer distinguished name.
diff --git a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
new file mode 100755
index 000000000..9c732ce9d
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
@@ -0,0 +1,297 @@
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CertPassPrompt=Please enter the master password for the %S.
+# the following strings have special requirements:
+# they must fit in a 32 or 64 byte buffer after being translated
+# to UTF8. Note to translator. It's not easy for you to figure
+# whether the escaped unicode string you produce will fit in
+# the space allocated.
+#
+# 64 bytes long after conversion to UTF8
+RootCertModuleName=Builtin Roots Module
+#
+# 32 bytes long after conversion to UTF8
+ManufacturerID=Mozilla.org
+#
+# 32 bytes long after conversion to UTF8
+LibraryDescription=PSM Internal Crypto Services
+#
+# 32 bytes long after conversion to UTF8
+TokenDescription=Generic Crypto Services
+#
+# 32 bytes long after conversion to UTF8
+PrivateTokenDescription=Software Security Device
+#
+# 64 bytes long after conversion to UTF8
+SlotDescription=PSM Internal Cryptographic Services
+#
+# 64 bytes long after conversion to UTF8
+PrivateSlotDescription=PSM Private Keys
+#
+# 32
+Fips140TokenDescription=Software Security Device (FIPS)
+# 64
+Fips140SlotDescription=FIPS 140 Cryptographic, Key and Certificate Services
+# 32
+InternalToken=Software Security Device
+# End of size restriction.
+VerifySSLClient=SSL Client Certificate
+VerifySSLServer=SSL Server Certificate
+VerifySSLCA=SSL Certificate Authority
+VerifyEmailSigner=Email Signer Certificate
+VerifyEmailRecip=Email Recipient Certificate
+VerifyObjSign=Object Signer
+HighGrade=High Grade
+MediumGrade=Medium Grade
+# LOCALIZATION NOTE (nick_template): $1s is the common name from a cert (e.g. "Mozilla"), $2s is the CA name (e.g. VeriSign)
+nick_template=%1$s’s %2$s ID
+#These are the strings set for the ASN1 objects in a certificate.
+CertDumpCertificate=Certificate
+CertDumpVersion=Version
+# LOCALIZATION NOTE (CertDumpVersionValue): %S is a version number (e.g. "3" in "Version 3")
+CertDumpVersionValue=Version %S
+CertDumpSerialNo=Serial Number
+CertDumpMD2WithRSA=PKCS #1 MD2 With RSA Encryption
+CertDumpMD5WithRSA=PKCS #1 MD5 With RSA Encryption
+CertDumpSHA1WithRSA=PKCS #1 SHA-1 With RSA Encryption
+CertDumpSHA256WithRSA=PKCS #1 SHA-256 With RSA Encryption
+CertDumpSHA384WithRSA=PKCS #1 SHA-384 With RSA Encryption
+CertDumpSHA512WithRSA=PKCS #1 SHA-512 With RSA Encryption
+CertDumpDefOID=Object Identifier (%S)
+CertDumpIssuer=Issuer
+CertDumpSubject=Subject
+CertDumpAVACountry=C
+CertDumpAVAState=ST
+CertDumpAVALocality=L
+CertDumpAVAOrg=O
+CertDumpAVAOU=OU
+CertDumpAVACN=CN
+CertDumpUserID=UID
+CertDumpPK9Email=E
+CertDumpAVADN=DN
+CertDumpAVADC=DC
+CertDumpSurname=Surname
+CertDumpGivenName=Given Name
+CertDumpValidity=Validity
+CertDumpNotBefore=Not Before
+CertDumpNotAfter=Not After
+CertDumpSPKI=Subject Public Key Info
+CertDumpSPKIAlg=Subject Public Key Algorithm
+CertDumpAlgID=Algorithm Identifier
+CertDumpParams=Algorithm Parameters
+CertDumpRSAEncr=PKCS #1 RSA Encryption
+CertDumpRSAPSSSignature=PKCS #1 RSASSA-PSS Signature
+CertDumpRSATemplate=Modulus (%S bits):\n%S\nExponent (%S bits):\n%S
+CertDumpECTemplate=Key size: %S bits\nBase point order length: %S bits\nPublic value:\n%S
+CertDumpIssuerUniqueID=Issuer Unique ID
+CertDumpSubjPubKey=Subject’s Public Key
+CertDumpSubjectUniqueID=Subject Unique ID
+CertDumpExtensions=Extensions
+CertDumpSubjectDirectoryAttr=Certificate Subject Directory Attributes
+CertDumpSubjectKeyID=Certificate Subject Key ID
+CertDumpKeyUsage=Certificate Key Usage
+CertDumpSubjectAltName=Certificate Subject Alt Name
+CertDumpIssuerAltName=Certificate Issuer Alt Name
+CertDumpBasicConstraints=Certificate Basic Constraints
+CertDumpNameConstraints=Certificate Name Constraints
+CertDumpCrlDistPoints=CRL Distribution Points
+CertDumpCertPolicies=Certificate Policies
+CertDumpPolicyMappings=Certificate Policy Mappings
+CertDumpPolicyConstraints=Certificate Policy Constraints
+CertDumpAuthKeyID=Certificate Authority Key Identifier
+CertDumpExtKeyUsage=Extended Key Usage
+CertDumpAuthInfoAccess=Authority Information Access
+CertDumpAnsiX9DsaSignature=ANSI X9.57 DSA Signature
+CertDumpAnsiX9DsaSignatureWithSha1=ANSI X9.57 DSA Signature with SHA1 Digest
+CertDumpAnsiX962ECDsaSignatureWithSha1=ANSI X9.62 ECDSA Signature with SHA1
+CertDumpAnsiX962ECDsaSignatureWithSha224=ANSI X9.62 ECDSA Signature with SHA224
+CertDumpAnsiX962ECDsaSignatureWithSha256=ANSI X9.62 ECDSA Signature with SHA256
+CertDumpAnsiX962ECDsaSignatureWithSha384=ANSI X9.62 ECDSA Signature with SHA384
+CertDumpAnsiX962ECDsaSignatureWithSha512=ANSI X9.62 ECDSA Signature with SHA512
+CertDumpKUSign=Signing
+CertDumpKUNonRep=Non-repudiation
+CertDumpKUEnc=Key Encipherment
+CertDumpKUDEnc=Data Encipherment
+CertDumpKUKA=Key Agreement
+CertDumpKUCertSign=Certificate Signer
+CertDumpKUCRLSigner=CRL Signer
+CertDumpCritical=Critical
+CertDumpNonCritical=Not Critical
+CertDumpSigAlg=Certificate Signature Algorithm
+CertDumpCertSig=Certificate Signature Value
+CertDumpExtensionFailure=Error: Unable to process extension
+CertDumpIsCA=Is a Certificate Authority
+CertDumpIsNotCA=Is not a Certificate Authority
+CertDumpPathLen=Maximum number of intermediate CAs: %S
+CertDumpPathLenUnlimited=unlimited
+CertDumpEKU_1_3_6_1_5_5_7_3_1=TLS Web Server Authentication
+CertDumpEKU_1_3_6_1_5_5_7_3_2=TLS Web Client Authentication
+CertDumpEKU_1_3_6_1_5_5_7_3_3=Code Signing
+CertDumpEKU_1_3_6_1_5_5_7_3_4=E-mail protection
+CertDumpEKU_1_3_6_1_5_5_7_3_8=Time Stamping
+CertDumpEKU_1_3_6_1_5_5_7_3_9=OCSP Signing
+CertDumpEKU_1_3_6_1_4_1_311_2_1_21=Microsoft Individual Code Signing
+CertDumpEKU_1_3_6_1_4_1_311_2_1_22=Microsoft Commercial Code Signing
+CertDumpEKU_1_3_6_1_4_1_311_10_3_1=Microsoft Trust List Signing
+CertDumpEKU_1_3_6_1_4_1_311_10_3_2=Microsoft Time Stamping
+CertDumpEKU_1_3_6_1_4_1_311_10_3_3=Microsoft Server Gated Crypto
+CertDumpEKU_1_3_6_1_4_1_311_10_3_4=Microsoft Encrypting File System
+CertDumpEKU_1_3_6_1_4_1_311_10_3_4_1=Microsoft File Recovery
+CertDumpEKU_1_3_6_1_4_1_311_10_3_5=Microsoft Windows Hardware Driver Verification
+CertDumpEKU_1_3_6_1_4_1_311_10_3_10=Microsoft Qualified Subordination
+CertDumpEKU_1_3_6_1_4_1_311_10_3_11=Microsoft Key Recovery
+CertDumpEKU_1_3_6_1_4_1_311_10_3_12=Microsoft Document Signing
+CertDumpEKU_1_3_6_1_4_1_311_10_3_13=Microsoft Lifetime Signing
+CertDumpEKU_1_3_6_1_4_1_311_20_2_2=Microsoft Smart Card Logon
+CertDumpEKU_1_3_6_1_4_1_311_21_6=Microsoft Key Recovery Agent
+CertDumpMSCerttype=Microsoft Certificate Template Name
+CertDumpMSNTPrincipal=Microsoft Principal Name
+CertDumpMSCAVersion=Microsoft CA Version
+CertDumpMSDomainGUID=Microsoft Domain GUID
+CertDumpEKU_2_16_840_1_113730_4_1=Netscape Server Gated Crypto
+CertDumpRFC822Name=E-Mail Address
+CertDumpDNSName=DNS Name
+CertDumpX400Address=X.400 Address
+CertDumpDirectoryName=X.500 Name
+CertDumpEDIPartyName=EDI Party Name
+CertDumpURI=URI
+CertDumpIPAddress=IP Address
+CertDumpRegisterID=Registered OID
+CertDumpKeyID=Key ID
+CertDumpVerisignNotices=Verisign User Notices
+CertDumpUnused=Unused
+CertDumpKeyCompromise=Key Compromise
+CertDumpCACompromise=CA Compromise
+CertDumpAffiliationChanged=Affiliation Changed
+CertDumpSuperseded=Superseded
+CertDumpCessation=Cessation of Operation
+CertDumpHold=Certificate Hold
+CertDumpOCSPResponder=OCSP
+CertDumpCAIssuers=CA Issuers
+CertDumpCPSPointer=Certification Practice Statement pointer
+CertDumpUserNotice=User Notice
+CertDumpLogotype=Logotype
+CertDumpECPublicKey=Elliptic Curve Public Key
+CertDumpECDSAWithSHA1=X9.62 ECDSA Signature with SHA1
+CertDumpECprime192v1=ANSI X9.62 elliptic curve prime192v1 (aka secp192r1, NIST P-192)
+CertDumpECprime192v2=ANSI X9.62 elliptic curve prime192v2
+CertDumpECprime192v3=ANSI X9.62 elliptic curve prime192v3
+CertDumpECprime239v1=ANSI X9.62 elliptic curve prime239v1
+CertDumpECprime239v2=ANSI X9.62 elliptic curve prime239v2
+CertDumpECprime239v3=ANSI X9.62 elliptic curve prime239v3
+CertDumpECprime256v1=ANSI X9.62 elliptic curve prime256v1 (aka secp256r1, NIST P-256)
+CertDumpECsecp112r1=SECG elliptic curve secp112r1
+CertDumpECsecp112r2=SECG elliptic curve secp112r2
+CertDumpECsecp128r1=SECG elliptic curve secp128r1
+CertDumpECsecp128r2=SECG elliptic curve secp128r2
+CertDumpECsecp160k1=SECG elliptic curve secp160k1
+CertDumpECsecp160r1=SECG elliptic curve secp160r1
+CertDumpECsecp160r2=SECG elliptic curve secp160r2
+CertDumpECsecp192k1=SECG elliptic curve secp192k1
+CertDumpECsecp224k1=SECG elliptic curve secp224k1
+CertDumpECsecp224r1=SECG elliptic curve secp224r1 (aka NIST P-224)
+CertDumpECsecp256k1=SECG elliptic curve secp256k1
+CertDumpECsecp384r1=SECG elliptic curve secp384r1 (aka NIST P-384)
+CertDumpECsecp521r1=SECG elliptic curve secp521r1 (aka NIST P-521)
+CertDumpECc2pnb163v1=ANSI X9.62 elliptic curve c2pnb163v1
+CertDumpECc2pnb163v2=ANSI X9.62 elliptic curve c2pnb163v2
+CertDumpECc2pnb163v3=ANSI X9.62 elliptic curve c2pnb163v3
+CertDumpECc2pnb176v1=ANSI X9.62 elliptic curve c2pnb176v1
+CertDumpECc2tnb191v1=ANSI X9.62 elliptic curve c2tnb191v1
+CertDumpECc2tnb191v2=ANSI X9.62 elliptic curve c2tnb191v2
+CertDumpECc2tnb191v3=ANSI X9.62 elliptic curve c2tnb191v3
+CertDumpECc2onb191v4=ANSI X9.62 elliptic curve c2onb191v4
+CertDumpECc2onb191v5=ANSI X9.62 elliptic curve c2onb191v5
+CertDumpECc2pnb208w1=ANSI X9.62 elliptic curve c2pnb208w1
+CertDumpECc2tnb239v1=ANSI X9.62 elliptic curve c2tnb239v1
+CertDumpECc2tnb239v2=ANSI X9.62 elliptic curve c2tnb239v2
+CertDumpECc2tnb239v3=ANSI X9.62 elliptic curve c2tnb239v3
+CertDumpECc2onb239v4=ANSI X9.62 elliptic curve c2onb239v4
+CertDumpECc2onb239v5=ANSI X9.62 elliptic curve c2onb239v5
+CertDumpECc2pnb272w1=ANSI X9.62 elliptic curve c2pnb272w1
+CertDumpECc2pnb304w1=ANSI X9.62 elliptic curve c2pnb304w1
+CertDumpECc2tnb359v1=ANSI X9.62 elliptic curve c2tnb359v1
+CertDumpECc2pnb368w1=ANSI X9.62 elliptic curve c2pnb368w1
+CertDumpECc2tnb431r1=ANSI X9.62 elliptic curve c2tnb431r1
+CertDumpECsect113r1=SECG elliptic curve sect113r1
+CertDumpECsect113r2=SECG elliptic curve sect113r2
+CertDumpECsect131r1=SECG elliptic curve sect131r1
+CertDumpECsect131r2=SECG elliptic curve sect131r2
+CertDumpECsect163k1=SECG elliptic curve sect163k1 (aka NIST K-163)
+CertDumpECsect163r1=SECG elliptic curve sect163r1
+CertDumpECsect163r2=SECG elliptic curve sect163r2 (aka NIST B-163)
+CertDumpECsect193r1=SECG elliptic curve sect193r1
+CertDumpECsect193r2=SECG elliptic curve sect193r2
+CertDumpECsect233k1=SECG elliptic curve sect233k1 (aka NIST K-233)
+CertDumpECsect233r1=SECG elliptic curve sect233r1 (aka NIST B-233)
+CertDumpECsect239k1=SECG elliptic curve sect239k1
+CertDumpECsect283k1=SECG elliptic curve sect283k1 (aka NIST K-283)
+CertDumpECsect283r1=SECG elliptic curve sect283r1 (aka NIST B-283)
+CertDumpECsect409k1=SECG elliptic curve sect409k1 (aka NIST K-409)
+CertDumpECsect409r1=SECG elliptic curve sect409r1 (aka NIST B-409)
+CertDumpECsect571k1=SECG elliptic curve sect571k1 (aka NIST K-571)
+CertDumpECsect571r1=SECG elliptic curve sect571r1 (aka NIST B-571)
+CertDumpRawBytesHeader=Size: %S Bytes / %S Bits
+PK11BadPassword=The password entered was incorrect.
+SuccessfulP12Backup=Successfully backed up your security certificate(s) and private key(s).
+SuccessfulP12Restore=Successfully restored your security certificate(s) and private key(s).
+PKCS12DecodeErr=Failed to decode the file. Either it is not in PKCS #12 format, has been corrupted, or the password you entered was incorrect.
+PKCS12UnknownErrRestore=Failed to restore the PKCS #12 file for unknown reasons.
+PKCS12UnknownErrBackup=Failed to create the PKCS #12 backup file for unknown reasons.
+PKCS12UnknownErr=The PKCS #12 operation failed for unknown reasons.
+PKCS12InfoNoSmartcardBackup=It is not possible to back up certificates from a hardware security device such as a smart card.
+PKCS12DupData=The certificate and private key already exist on the security device.
+AddModuleFailure=Unable to add module
+AddModuleDup=Security Module already exists
+DelModuleWarning=Are you sure you want to delete this security module?
+DelModuleError=Unable to delete module
+AVATemplate=%S = %S
+
+PSMERR_SSL_Disabled=Can’t connect securely because the SSL protocol has been disabled.
+PSMERR_SSL2_Disabled=Can’t connect securely because the site uses an older, insecure version of the SSL protocol.
+PSMERR_HostReusedIssuerSerial=You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:\n\nYour certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.
+
+SSLConnectionErrorPrefix=An error occurred during a connection to %S.
+
+certErrorIntro=%S uses an invalid security certificate.
+
+certErrorTrust_SelfSigned=The certificate is not trusted because it is self-signed.
+certErrorTrust_UnknownIssuer=The certificate is not trusted because the issuer certificate is unknown.
+certErrorTrust_UnknownIssuer2=The server might not be sending the appropriate intermediate certificates.
+certErrorTrust_UnknownIssuer3=An additional root certificate may need to be imported.
+certErrorTrust_CaInvalid=The certificate is not trusted because it was issued by an invalid CA certificate.
+certErrorTrust_Issuer=The certificate is not trusted because the issuer certificate is not trusted.
+certErrorTrust_SignatureAlgorithmDisabled=The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
+certErrorTrust_ExpiredIssuer=The certificate is not trusted because the issuer certificate has expired.
+certErrorTrust_Untrusted=The certificate does not come from a trusted source.
+
+certErrorMismatch=The certificate is not valid for the name %S.
+# LOCALIZATION NOTE (certErrorMismatchSingle2): Do not translate <a id="cert_domain_link" title="%1$S">%1$S</a>
+certErrorMismatchSingle2=The certificate is only valid for <a id="cert_domain_link" title="%1$S">%1$S</a>
+certErrorMismatchSinglePlain=The certificate is only valid for %S
+certErrorMismatchMultiple=The certificate is only valid for the following names:
+
+# LOCALIZATION NOTE (certErrorExpiredNow): Do not translate %1$S (date+time of expired certificate) or %2$S (current date+time)
+certErrorExpiredNow=The certificate expired on %1$S. The current time is %2$S.
+# LOCALIZATION NOTE (certErrorNotYetValidNow): Do not translate %1$S (date+time certificate will become valid) or %2$S (current date+time)
+certErrorNotYetValidNow=The certificate will not be valid until %1$S. The current time is %2$S.
+
+# LOCALIZATION NOTE (certErrorCodePrefix2): Do not translate <a id="errorCode" title="%1$S">%1$S</a>
+certErrorCodePrefix2=Error code: <a id="errorCode" title="%1$S">%1$S</a>
+
+P12DefaultNickname=Imported Certificate
+CertUnknown=Unknown
+CertNoNickname=(no nickname)
+CertNoEmailAddress=(no email address)
+CaCertExists=This certificate is already installed as a certificate authority.
+NotACACert=This is not a certificate authority certificate, so it can’t be imported into the certificate authority list.
+NotImportingUnverifiedCert=This certificate can’t be verified and will not be imported. The certificate issuer might be unknown or untrusted, the certificate might have expired or been revoked, or the certificate might not have been approved.
+UserCertIgnoredNoPrivateKey=This personal certificate can’t be installed because you do not own the corresponding private key which was created when the certificate was requested.
+UserCertImported=Your personal certificate has been installed. You should keep a backup copy of this certificate.
+CertOrgUnknown=(Unknown)
+CertNotStored=(Not Stored)
+CertExceptionPermanent=Permanent
+CertExceptionTemporary=Temporary
diff --git a/security/manager/locales/en-US/chrome/pippki/certManager.dtd b/security/manager/locales/en-US/chrome/pippki/certManager.dtd
new file mode 100644
index 000000000..6ad47bf7e
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pippki/certManager.dtd
@@ -0,0 +1,93 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<!ENTITY certmgr.title "Certificate Manager">
+
+<!ENTITY certmgr.tab.mine "Your Certificates">
+<!ENTITY certmgr.tab.others2 "People">
+<!ENTITY certmgr.tab.websites3 "Servers">
+<!ENTITY certmgr.tab.ca "Authorities">
+<!ENTITY certmgr.tab.orphan2 "Others">
+
+<!ENTITY certmgr.mine "You have certificates from these organizations that identify you:">
+<!ENTITY certmgr.others "You have certificates on file that identify these people:">
+<!ENTITY certmgr.websites2 "You have certificates on file that identify these servers:">
+<!ENTITY certmgr.cas "You have certificates on file that identify these certificate authorities:">
+<!ENTITY certmgr.orphans "You have certificates on file that do not fit in any of the other categories:">
+
+<!ENTITY certmgr.detail.general_tab.title "General">
+<!ENTITY certmgr.detail.general_tab.accesskey "G">
+<!ENTITY certmgr.detail.prettyprint_tab.title "Details">
+<!ENTITY certmgr.detail.prettyprint_tab.accesskey "D">
+
+<!ENTITY certmgr.pending.label "Currently verifying certificate…">
+<!ENTITY certmgr.subjectinfo.label "Issued To">
+<!ENTITY certmgr.issuerinfo.label "Issued By">
+<!ENTITY certmgr.periodofvalidity.label "Period of Validity" >
+<!ENTITY certmgr.fingerprints.label "Fingerprints">
+<!ENTITY certmgr.certdetail.title "Certificate Detail">
+<!ENTITY certmgr.certdetail.cn "Common Name (CN)">
+<!ENTITY certmgr.certdetail.o "Organization (O)">
+<!ENTITY certmgr.certdetail.ou "Organizational Unit (OU)">
+<!ENTITY certmgr.certdetail.serialnumber "Serial Number">
+<!ENTITY certmgr.certdetail.sha256fingerprint "SHA-256 Fingerprint">
+<!ENTITY certmgr.certdetail.sha1fingerprint "SHA1 Fingerprint">
+
+<!ENTITY certmgr.editcacert.title "Edit CA certificate trust settings">
+<!ENTITY certmgr.editcert.edittrust "Edit trust settings:">
+<!ENTITY certmgr.editcert.trustssl "This certificate can identify websites.">
+<!ENTITY certmgr.editcert.trustemail "This certificate can identify mail users.">
+<!ENTITY certmgr.editcert.trustobjsign "This certificate can identify software makers.">
+
+<!ENTITY certmgr.deletecert.title "Delete Certificate">
+
+<!ENTITY certmgr.certname "Certificate Name">
+<!ENTITY certmgr.certserver "Server">
+<!ENTITY certmgr.override_lifetime "Lifetime">
+<!ENTITY certmgr.tokenname "Security Device">
+<!ENTITY certmgr.begins "Begins On">
+<!ENTITY certmgr.expires "Expires On">
+<!ENTITY certmgr.email "E-Mail Address">
+<!ENTITY certmgr.serial "Serial Number">
+
+<!ENTITY certmgr.close.label "Close">
+<!ENTITY certmgr.close.accesskey "C">
+<!ENTITY certmgr.view2.label "View…">
+<!ENTITY certmgr.view2.accesskey "V">
+<!ENTITY certmgr.edit3.label "Edit Trust…">
+<!ENTITY certmgr.edit3.accesskey "E">
+<!ENTITY certmgr.export.label "Export…">
+<!ENTITY certmgr.export.accesskey "x">
+<!ENTITY certmgr.delete2.label "Delete…">
+<!ENTITY certmgr.delete2.accesskey "D">
+<!ENTITY certmgr.delete_builtin.label "Delete or Distrust…">
+<!ENTITY certmgr.delete_builtin.accesskey "D">
+<!ENTITY certmgr.backup2.label "Backup…">
+<!ENTITY certmgr.backup2.accesskey "B">
+<!ENTITY certmgr.backupall2.label "Backup All…">
+<!ENTITY certmgr.backupall2.accesskey "k">
+<!ENTITY certmgr.restore2.label "Import…">
+<!ENTITY certmgr.restore2.accesskey "m">
+<!ENTITY certmgr.details.label "Certificate Fields">
+<!ENTITY certmgr.details.accesskey "F">
+<!ENTITY certmgr.fields.label "Field Value">
+<!ENTITY certmgr.fields.accesskey "V">
+<!ENTITY certmgr.hierarchy.label "Certificate Hierarchy">
+<!ENTITY certmgr.hierarchy.accesskey2 "H">
+<!ENTITY certmgr.addException.label "Add Exception…">
+<!ENTITY certmgr.addException.accesskey "x">
+
+<!ENTITY exceptionMgr.title "Add Security Exception">
+<!ENTITY exceptionMgr.exceptionButton.label "Confirm Security Exception">
+<!ENTITY exceptionMgr.exceptionButton.accesskey "C">
+<!ENTITY exceptionMgr.supplementalWarning "Legitimate banks, stores, and other public sites will not ask you to do this.">
+<!ENTITY exceptionMgr.certlocation.caption2 "Server">
+<!ENTITY exceptionMgr.certlocation.url "Location:">
+<!ENTITY exceptionMgr.certlocation.download "Get Certificate">
+<!ENTITY exceptionMgr.certlocation.accesskey "G">
+<!ENTITY exceptionMgr.certstatus.caption "Certificate Status">
+<!ENTITY exceptionMgr.certstatus.viewCert "View…">
+<!ENTITY exceptionMgr.certstatus.accesskey "V">
+<!ENTITY exceptionMgr.permanent.label "Permanently store this exception">
+<!ENTITY exceptionMgr.permanent.accesskey "P">
diff --git a/security/manager/locales/en-US/chrome/pippki/deviceManager.dtd b/security/manager/locales/en-US/chrome/pippki/deviceManager.dtd
new file mode 100644
index 000000000..d072fefe1
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pippki/deviceManager.dtd
@@ -0,0 +1,36 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<!ENTITY devmgr.title "Device Manager">
+<!-- LOCALIZATION NOTE (devmgr.style2): This is CSS style for Device Manager
+ window size. Don't translate "width" nor "height". Adjust the numbers
+ to make window contents fit. -->
+<!ENTITY devmgr.style2 "width: 67em; height: 32em;">
+
+<!ENTITY devmgr.devlist.label "Security Modules and Devices">
+<!ENTITY devmgr.details.title "Details">
+<!ENTITY devmgr.details.title2 "Value">
+
+<!ENTITY devmgr.button.login.label "Log In">
+<!ENTITY devmgr.button.login.accesskey "n">
+<!ENTITY devmgr.button.logout.label "Log Out">
+<!ENTITY devmgr.button.logout.accesskey "O">
+<!ENTITY devmgr.button.changepw.label "Change Password">
+<!ENTITY devmgr.button.changepw.accesskey "P">
+<!ENTITY devmgr.button.load.label "Load">
+<!ENTITY devmgr.button.load.accesskey "L">
+<!ENTITY devmgr.button.unload.label "Unload">
+<!ENTITY devmgr.button.unload.accesskey "U">
+<!ENTITY devmgr.button.fips.accesskey "F">
+
+<!ENTITY loaddevice.info "Enter the information for the module you want to add.">
+<!ENTITY loaddevice.modname "Module Name:">
+<!ENTITY loaddevice.modname.accesskey "M">
+<!ENTITY loaddevice.modname.default "New PKCS#11 Module">
+<!ENTITY loaddevice.filename "Module filename:">
+<!ENTITY loaddevice.filename.accesskey "f">
+<!ENTITY loaddevice.browse "Browse…">
+<!ENTITY loaddevice.browse.accesskey "B">
+
+<!ENTITY loaddevice.title "Load PKCS#11 Device">
diff --git a/security/manager/locales/en-US/chrome/pippki/pippki.dtd b/security/manager/locales/en-US/chrome/pippki/pippki.dtd
new file mode 100644
index 000000000..3bc3c1f85
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.dtd
@@ -0,0 +1,51 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<!-- Values for changepassword.xul -->
+<!ENTITY setPassword.title "Change Master Password">
+<!ENTITY setPassword.tokenName.label "Security Device">
+<!ENTITY setPassword.oldPassword.label "Current password:">
+<!ENTITY setPassword.newPassword.label "New password:">
+<!ENTITY setPassword.reenterPassword.label "New password (again):">
+<!ENTITY setPassword.meter.label "Password quality meter">
+
+<!-- Values for resetpassword.xul -->
+<!ENTITY resetPasswordButtonLabel "Reset">
+<!ENTITY resetPassword.title "Reset Master Password">
+<!ENTITY resetPassword.text "If you reset your master password, all your stored web and e-mail passwords, form data, personal certificates, and private keys will be forgotten. Are you sure you want to reset your master password?">
+
+<!-- Downloading a cert -->
+<!ENTITY downloadCert.title "Downloading Certificate">
+<!ENTITY downloadCert.message1 "You have been asked to trust a new Certificate Authority (CA).">
+<!ENTITY downloadCert.trustSSL "Trust this CA to identify websites.">
+<!ENTITY downloadCert.trustEmail "Trust this CA to identify email users.">
+<!ENTITY downloadCert.trustObjSign "Trust this CA to identify software developers.">
+<!ENTITY downloadCert.message3 "Before trusting this CA for any purpose, you should examine its certificate and its policy and procedures (if available).">
+<!ENTITY downloadCert.viewCert.label "View">
+<!ENTITY downloadCert.viewCert.text "Examine CA certificate">
+
+<!-- Strings for the SSL client auth ask dialog -->
+<!ENTITY clientAuthAsk.title "User Identification Request">
+<!ENTITY clientAuthAsk.message1 "This site has requested that you identify yourself with a certificate:">
+<!ENTITY clientAuthAsk.message2 "Choose a certificate to present as identification:">
+<!ENTITY clientAuthAsk.message3 "Details of selected certificate:">
+
+<!ENTITY pkcs12.setpassword.title "Choose a Certificate Backup Password">
+<!ENTITY pkcs12.setpassword.message "The certificate backup password you set here protects the backup file that you are about to create. You must set this password to proceed with the backup.">
+<!ENTITY pkcs12.setpassword.label1 "Certificate backup password:">
+<!ENTITY pkcs12.setpassword.label2 "Certificate backup password (again):">
+<!ENTITY pkcs12.setpassword.reminder "Important: If you forget your certificate backup password, you will not be able to restore this backup later. Please record it in a safe location.">
+
+<!ENTITY chooseToken.title "Choose Token Dialog">
+<!ENTITY chooseToken.message1 "Please choose a token.">
+
+<!-- Strings for the CreateCertInfo dialog -->
+<!ENTITY createCertInfo.title "Generating A Private Key">
+<!ENTITY createCertInfo.msg1 "Key Generation in progress… This may take a few minutes….">
+<!ENTITY createCertInfo.msg2 "Please wait…">
+
+<!-- Strings for protectedAuth dialog -->
+<!ENTITY protectedAuth.title "Protected Token Authentication">
+<!ENTITY protectedAuth.msg "Please authenticate to the token. Authentication method depends on the type of your token.">
+<!ENTITY protectedAuth.tokenName.label "Token:">
diff --git a/security/manager/locales/en-US/chrome/pippki/pippki.properties b/security/manager/locales/en-US/chrome/pippki/pippki.properties
new file mode 100644
index 000000000..fd002b434
--- /dev/null
+++ b/security/manager/locales/en-US/chrome/pippki/pippki.properties
@@ -0,0 +1,192 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+CertPassPrompt=Please enter the Personal Security Password for the PSM Private Keys security device.
+
+# LOCALIZATION NOTE(certWithSerial): Used for semi-uniquely representing a cert.
+# %1$S is the serial number of the cert in AA:BB:CC hex format.
+certWithSerial=Certificate with serial number: %1$S
+
+# Download Cert dialog
+# LOCALIZATION NOTE(newCAMessage1):
+# %S is a string representative of the certificate being downloaded/imported.
+newCAMessage1=Do you want to trust “%S” for the following purposes?
+unnamedCA=Certificate Authority (unnamed)
+
+# For editing cert trust
+editTrustCA=The certificate “%S” represents a Certificate Authority.
+
+# For Deleting Certificates
+deleteSslCertConfirm3=Are you sure you want to delete these server exceptions?
+deleteSslCertImpact3=If you delete a server exception, you restore the usual security checks for that server and require it uses a valid certificate.
+deleteSslCertTitle3=Delete Server Certificate Exceptions
+
+deleteUserCertConfirm=Are you sure you want to delete these certificates?
+deleteUserCertImpact=If you delete one of your own certificates, you can no longer use it to identify yourself.
+deleteUserCertTitle=Delete your Certificates
+
+deleteCaCertConfirm2=You have requested to delete these CA certificates. For built-in certificates all trust will be removed, which has the same effect. Are you sure you want to delete or distrust?
+deleteCaCertImpactX2=If you delete or distrust a certificate authority (CA) certificate, this application will no longer trust any certificates issued by that CA.
+deleteCaCertTitle2=Delete or Distrust CA Certificates
+
+deleteEmailCertConfirm=Are you sure you want to delete these people’s e-mail certificates?
+deleteEmailCertImpactDesc=If you delete a person’s e-mail certificate, you will no longer be able to send encrypted e-mail to that person.
+deleteEmailCertTitle=Delete E-Mail Certificates
+
+deleteOrphanCertConfirm=Are you sure you want to delete these certificates?
+deleteOrphanCertTitle=Delete Certificates
+
+# PKCS#12 file dialogs
+chooseP12RestoreFileDialog2=Certificate File to Import
+chooseP12BackupFileDialog=File Name to Backup
+file_browse_PKCS12_spec=PKCS12 Files
+getPKCS12FilePasswordMessage=Please enter the password that was used to encrypt this certificate backup:
+
+# Cert verification
+certVerified=This certificate has been verified for the following uses:
+certNotVerified_CertRevoked=Could not verify this certificate because it has been revoked.
+certNotVerified_CertExpired=Could not verify this certificate because it has expired.
+certNotVerified_CertNotTrusted=Could not verify this certificate because it is not trusted.
+certNotVerified_IssuerNotTrusted=Could not verify this certificate because the issuer is not trusted.
+certNotVerified_IssuerUnknown=Could not verify this certificate because the issuer is unknown.
+certNotVerified_CAInvalid=Could not verify this certificate because the CA certificate is invalid.
+certNotVerified_AlgorithmDisabled=Could not verify this certificate because it was signed using a signature algorithm that was disabled because that algorithm is not secure.
+certNotVerified_Unknown=Could not verify this certificate for unknown reasons.
+
+# Client auth
+clientAuthRemember=Remember this decision
+# LOCALIZATION NOTE(clientAuthNickAndSerial): Represents a single cert when the
+# user is choosing from a list of certificates.
+# %1$S is the nickname of the cert.
+# %2$S is the serial number of the cert in AA:BB:CC hex format.
+clientAuthNickAndSerial=%1$S [%2$S]
+# LOCALIZATION NOTE(clientAuthHostnameAndPort):
+# %1$S is the hostname of the server.
+# %2$S is the port of the server.
+clientAuthHostnameAndPort=%1$S:%2$S
+# LOCALIZATION NOTE(clientAuthMessage1): %S is the Organization of the server
+# cert.
+clientAuthMessage1=Organization: “%S”
+# LOCALIZATION NOTE(clientAuthMessage2): %S is the Organization of the issuer
+# cert of the server cert.
+clientAuthMessage2=Issued Under: “%S”
+# LOCALIZATION NOTE(clientAuthIssuedTo): %1$S is the Distinguished Name of the
+# currently selected client cert, such as "CN=John Doe,OU=Example" (without
+# quotes).
+clientAuthIssuedTo=Issued to: %1$S
+# LOCALIZATION NOTE(clientAuthSerial): %1$S is the serial number of the selected
+# cert in AA:BB:CC hex format.
+clientAuthSerial=Serial number: %1$S
+# LOCALIZATION NOTE(clientAuthValidityPeriod):
+# %1$S is the already localized notBefore date of the selected cert.
+# %2$S is the already localized notAfter date of the selected cert.
+clientAuthValidityPeriod=Valid from %1$S to %2$S
+# LOCALIZATION NOTE(clientAuthKeyUsages): %1$S is a comma separated list of
+# already localized key usages the selected cert is valid for.
+clientAuthKeyUsages=Key Usages: %1$S
+# LOCALIZATION NOTE(clientAuthEmailAddresses): %1$S is a comma separated list of
+# e-mail addresses the selected cert is valid for.
+clientAuthEmailAddresses=Email addresses: %1$S
+# LOCALIZATION NOTE(clientAuthIssuedBy): %1$S is the Distinguished Name of the
+# cert which issued the selected cert.
+clientAuthIssuedBy=Issued by: %1$S
+# LOCALIZATION NOTE(clientAuthStoredOn): %1$S is the name of the PKCS #11 token
+# the selected cert is stored on.
+clientAuthStoredOn=Stored on: %1$S
+
+# Page Info
+pageInfo_NoEncryption=Connection Not Encrypted
+pageInfo_Privacy_None1=The website %S does not support encryption for the page you are viewing.
+pageInfo_Privacy_None2=Information sent over the Internet without encryption can be seen by other people while it is in transit.
+pageInfo_Privacy_None4=The page you are viewing was not encrypted before being transmitted over the Internet.
+# LOCALIZATION NOTE (pageInfo_EncryptionWithBitsAndProtocol and pageInfo_BrokenEncryption):
+# %1$S is the name of the encryption standard,
+# %2$S is the key size of the cipher.
+# %3$S is protocol version like "SSL 3" or "TLS 1.2"
+pageInfo_EncryptionWithBitsAndProtocol=Connection Encrypted (%1$S, %2$S bit keys, %3$S)
+pageInfo_BrokenEncryption=Broken Encryption (%1$S, %2$S bit keys, %3$S)
+pageInfo_Privacy_Encrypted1=The page you are viewing was encrypted before being transmitted over the Internet.
+pageInfo_Privacy_Encrypted2=Encryption makes it difficult for unauthorized people to view information traveling between computers. It is therefore unlikely that anyone read this page as it traveled across the network.
+pageInfo_MixedContent=Connection Partially Encrypted
+pageInfo_MixedContent2=Parts of the page you are viewing were not encrypted before being transmitted over the Internet.
+pageInfo_WeakCipher=Your connection to this website uses weak encryption and is not private. Other people can view your information or modify the website’s behavior.
+pageInfo_CertificateTransparency_None=This website does not supply Certificate Transparency audit records.
+pageInfo_CertificateTransparency_OK=This website supplies publicly auditable Certificate Transparency records.
+pageInfo_CertificateTransparency_UnknownLog=This website claims to have Certificate Transparency audit records, but the records were issued by an unknown party and cannot be verified.
+pageInfo_CertificateTransparency_Invalid=This website supplies Certificate Transparency audit records, but the records failed verification.
+
+# Cert Viewer
+# LOCALIZATION NOTE(certViewerTitle): Title used for the Certificate Viewer.
+# %1$S is a string representative of the certificate being viewed.
+certViewerTitle=Certificate Viewer: “%1$S”
+notPresent=<Not Part Of Certificate>
+
+# Token Manager
+password_not_set=(not set)
+failed_pw_change=Unable to change Master Password.
+incorrect_pw=You did not enter the correct current Master Password. Please try again.
+pw_change_ok=Master Password successfully changed.
+pw_erased_ok=Warning! You have deleted your Master Password.
+pw_not_wanted=Warning! You have decided not to use a Master Password.
+pw_empty_warning=Your stored web and email passwords, form data, and private keys will not be protected.
+pw_change2empty_in_fips_mode=You are currently in FIPS mode. FIPS requires a non-empty Master Password.
+login_failed=Failed to Login
+loadPK11TokenDialog=Choose a PKCS#11 device to load
+devinfo_modname=Module
+devinfo_modpath=Path
+devinfo_label=Label
+devinfo_manID=Manufacturer
+devinfo_serialnum=Serial Number
+devinfo_hwversion=HW Version
+devinfo_fwversion=FW Version
+devinfo_status=Status
+devinfo_desc=Description
+devinfo_stat_disabled=Disabled
+devinfo_stat_notpresent=Not Present
+devinfo_stat_uninitialized=Uninitialized
+devinfo_stat_notloggedin=Not Logged In
+devinfo_stat_loggedin=Logged In
+devinfo_stat_ready=Ready
+enable_fips=Enable FIPS
+disable_fips=Disable FIPS
+fips_nonempty_password_required=FIPS mode requires that you have a Master Password set for each security device. Please set the password before trying to enable FIPS mode.
+unable_to_toggle_fips=Unable to change the FIPS mode for the security device. It is recommended that you exit and restart this application.
+
+resetPasswordConfirmationTitle=Reset Master Password
+resetPasswordConfirmationMessage=Your password has been reset.
+
+# Import certificate(s) file dialog
+importEmailCertPrompt=Select File containing somebody’s Email certificate to import
+importCACertsPrompt=Select File containing CA certificate(s) to import
+file_browse_Certificate_spec=Certificate Files
+
+# Cert export
+SaveCertAs=Save Certificate To File
+CertFormatBase64=X.509 Certificate (PEM)
+CertFormatBase64Chain=X.509 Certificate with chain (PEM)
+CertFormatDER=X.509 Certificate (DER)
+CertFormatPKCS7=X.509 Certificate (PKCS#7)
+CertFormatPKCS7Chain=X.509 Certificate with chain (PKCS#7)
+writeFileFailure=File Error
+writeFileFailed=Can’t write to file %S:\n%S.
+writeFileAccessDenied=Access denied
+writeFileIsLocked=File is locked
+writeFileNoDeviceSpace=No space left on device
+writeFileUnknownError=Unknown error
+
+# Add Security Exception dialog
+addExceptionBrandedWarning2=You are about to override how %S identifies this site.
+addExceptionInvalidHeader=This site attempts to identify itself with invalid information.
+addExceptionDomainMismatchShort=Wrong Site
+addExceptionDomainMismatchLong2=The certificate belongs to a different site, which could mean that someone is trying to impersonate this site.
+addExceptionExpiredShort=Outdated Information
+addExceptionExpiredLong2=The certificate is not currently valid. It may have been stolen or lost, and could be used by someone to impersonate this site.
+addExceptionUnverifiedOrBadSignatureShort=Unknown Identity
+addExceptionUnverifiedOrBadSignatureLong2=The certificate is not trusted because it hasn’t been verified as issued by a trusted authority using a secure signature.
+addExceptionValidShort=Valid Certificate
+addExceptionValidLong=This site provides valid, verified identification. There is no need to add an exception.
+addExceptionCheckingShort=Checking Information
+addExceptionCheckingLong2=Attempting to identify this site…
+addExceptionNoCertShort=No Information Available
+addExceptionNoCertLong2=Unable to obtain identification status for this site.