michael duan wrote, On 2008-02-21 19:06: > I am very insterested at NSS and try to use it now. I wrote some test > code for signing file like cmd-p7sign.c, but I met a problem about > signing something with a untrusted certificate. So I want to know > whether we could do that or not?
There's nowhere near enough information about what you did or what the exact results were to be able to help you. Generally, signatures are not made with certs, but rather with private keys. The signer doesn't act as a relying party, and so generally need not trust the CA that issued the cert that verifies his signatures. Some programs nonetheless attempt to ensure that the signer does trust the CA that issues his signature verification cert. Maybe you ran into such a program. > Another question is: > How can I get the information about issuer of a certificate such as > issuer's name, country, organization and so on. Depending on where the cert is located, you can print it out with either the NSS program "pp" or the NSS program certutil. > Any suggestions are appreciated. /Nelson _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
