I’m usually a quite peaceful guy, but whenever I need to interact with an A-trust product or their website, I get this urge to kick someone.


In this case I wanted to send an encrypted mail to an user of the Austrian Citizen Card. For that, I need the X.509 cert for that person.

The first obstacle was the non-graceful degradation of the a-trust website if you have disabled javascript (or, in my case, use NoScript in Firefox). Okay, once I cleared that hurdle, I got a list of 6 or 8 keys for my recipient. The list doesn’t show which keys are ECC and which are RSA, and trying to download them gave me:

a trust fail

for single certs and

a trust fail2

for chains.

Good work, folks.