On Wed, 20 Aug 2008, Wan-Teh Chang wrote: >> certutil: function failed: security library: bad database. > > 'DB' is the directory that contains your NSS databases.
Thanks for that and sorry for not doing my home work properly. This turns out to generate a rather interesting list. Using my currently installed db set I get 126 names, but the certdata.txt file in the Mozilla CVS repo ( $Revision: 1.45 $ $Date: 2008/01/17 ) contains 124 (using "make ca-bundle" in the curl build tree). Diffing the list of names show my db contains 3 more names and one less than certdata.txt. Is this a bug in our source to PEM script, or what does it mean? I would expect the two lists to be identical, or is that just another bad assumption on my part? Are we using the wrong certdata.txt file? The file our script downloads and converts to PEM is this: The certdata.txt is downloaded from here: http://lxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 The conversion script uses the openssl tool and is found here: http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl -- / daniel.haxx.se _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
