I'm having a tricky problem. What I am trying to do is to add an object signing certificate to the NSS database. This can be done using certutil, yes. But this is a xulapp that uses nsINSSCertCache, which I fear is causing problems.
I need to know how to import object signing certificates to the database using nsIX509CertDB. Currently I am calling certdb directly, by creating a nsIProcess and calling the executable. This is not having the desired effect. The consequence is that the database changes the certificate from 'u,u,u' to ',,,' when doing a certuil -L. Which causes the certificate not to show up, and a host of other problems that can be only solved by deleteing the profile. The only way I have managed to get it to work is by adding my certificate right after creating a certificate request, shutting down my xulapp, relaunching and readding the certificate, shutting down and relaunching again. Obviously, this is not very desirable for my users. I don't know why this particular set of steps fixes it, but it does. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
