Comment 3 for bug 839864

We kind of know what's up, there's an issue with allowing password-less certificates, and there's definitely an extension missing that should be allowed.

I can fix it in two passes; it should be simple enough to enable the extra .key extension, and fixing password-less certificates can be dealt with as a separate bug (I'm certain there is at least one, if not many, already open).