Dear All,
I was trying to create the CA store using the buildin CA certificates in
libnssckbi library.
I was extracting the certificate from the module using the following code
snippet.
cert_list = PK11_ListCertsInSlot(slot);
for(cert_node = CERT_LIST_HEAD(cert_list);
!CERT_LIST_END(cert_node, cert_list);
cert_node = CERT_LIST_NEXT(cert_node)) {
cert_b64 = BTOA_DataToAscii(cert_node->cert->derCert.data,
cert_node->cert->derCert.len);
fprintf(fp, "-----BEGIN CERTIFICATE-----\n");
fprintf(fp, "%s\n", cert_b64);
fprintf(fp, "-----END CERTIFICATE-------\n");
PORT_Free(cert_b64);
}
I was using that backup file to restore the certificate to the database.
While viweing the certificate with
certutil -N -d .
There was no Trust flags associated with the certificates. Allthough if i
copy the libnssckbi.so to the directory flags are coming properly.
I thought certificate flags are stored in the databse. Then why it is
required to have the libnssckbi.so library in the certificate database.
Regards,
Samrat
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
