cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: some more NSS questions ...

From: Guenter <lists_at_gknw.net>
Date: Tue, 08 Sep 2009 19:42:31 +0200

Hi,
Kamil Dudka schrieb:
>>>> first its crazy enough that the NSS cert dir delivered by my OpenSuSE
>>>> 11.1 distro looks liek that:
>>>> # l /etc/pki/nssdb/
>>>> total 28
>>>> drwxr-xr-x 2 root root 128 19. Aug 01:18 ./
>>>> drwxr-xr-x 3 root root 72 19. Aug 01:18 ../
>>>> -rw-r--r-- 1 root root 9216 19. Aug 01:18 cert9.db
>>>> -rw-r--r-- 1 root root 9216 19. Aug 01:18 key4.db
>>>> -rw-r--r-- 1 root root 412 19. Aug 01:18 pkcs11.txt
>>>> so (lib)curl must fail since it inits with a file secmod.db which is
>>>> clearly missing here ...
>>> I am not sure with the file names. Are you able to access the database
>>> with certutil?
>> nope:
>> # certutil -d /etc/pki/nssdb -L
>> certutil: function failed: security library: bad database.
I think I figured this already out:
certutil -L -d sql:/etc/pki/nssdb

Certificate Nickname Trust
Attributes

SSL,S/MIME,JAR/XPI

so seems we have to deal with a new format too now, see also:
https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX

will soon check if changing the NSS init for this will work with curl ...

Gün.
Received on 2009-09-08