The current certdata.txt in the repository is not the one that generated your version of Firefox. (There have been a couple of changes in the past couple of months, and no client releases.)
-Kyle H On Wed, Aug 20, 2008 at 11:05 PM, Daniel Stenberg <[EMAIL PROTECTED]> wrote: > On Wed, 20 Aug 2008, Wan-Teh Chang wrote: > >>> certutil: function failed: security library: bad database. >> >> 'DB' is the directory that contains your NSS databases. > > Thanks for that and sorry for not doing my home work properly. > > This turns out to generate a rather interesting list. Using my currently > installed db set I get 126 names, but the certdata.txt file in the Mozilla CVS > repo ( $Revision: 1.45 $ $Date: 2008/01/17 ) contains 124 (using "make > ca-bundle" in the curl build tree). > > Diffing the list of names show my db contains 3 more names and one less than > certdata.txt. > > Is this a bug in our source to PEM script, or what does it mean? I would > expect the two lists to be identical, or is that just another bad assumption > on my part? Are we using the wrong certdata.txt file? > > The file our script downloads and converts to PEM is this: > > The certdata.txt is downloaded from here: > > http://lxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 > > The conversion script uses the openssl tool and is found here: > > http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl > > -- > > / daniel.haxx.se > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
