Andrei Korostelev wrote:
What you just did is likely to corrupt your database. The NSS database format is not multi-process safe.After importing a certificate into the Firefox either using certutil.exe utility or programatically using NSS API (P12U_ImportPKCS12Object / PK11_ImportCert), I can see that the certificate has been successfully imported (%certutils.exe -L) , however Firefox does not display it (Tools->Options->Advanced->View Certificates) until I restart the browser. I am wondering is it a way to instruct the already running Firefox to reload its security database (containing certs) without restarting it (e.g. this happens when I import cert. from Firefox UI)?
If firefox is running, only firefox can update the cert database.
However, if you are interested it experimenting.... The shared database version of NSS was checked into the Firefox 3 nightly tree this afternoon. You need to set an environment variable to get Firefox to use the new database format. Warning: there is a chance the new database code will eat your certs and keys (including the key used to encrypt your saved passwords), so I suggest backing up your profile).
To use the new database set the following environment variable: NSS_DEFAULT_DB_TYPE to sql.You'll need a new version of certutil, either built from the nss tip or from the NSS_3_12_ALPHA1A tag. It's all alpha code at this point. certutil will use the same environment variable, or you can force certutil to use a specific format by adding a dbm: or sql: in front of the your directory spec (example: certutil -d dbm:/home/usr/.mozilla/firefox/qfr1234z )
bob
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
