Hi, Before posting a bug I will rebuild the NSS with complete set of elliptic curves from NSS_3_11_1_RTM, and than try to create another certificate request, sign-it and import it again.
My previous build was based on 3.12 with update based on solaris ecl-curve.h, I've run diff, and it seams that some elliptic curve definitions are slightly different. I've noticed that the request I've created with certutil did contain CN,O, and C. After signing a certificate the resulting certificate does not contain values I've specified. This may be the issue of the ejbca, which I've used for CA. Regards, Momcilo Majic Nelson B Bolyard wrote: > Momcilo Majic wrote, On 2008-08-25 23:40: > >> Hi you were correct, the trust was designated as Pu,Pu,Pu. Still >> >> - NSS is 3.12 built on Windows XP, VS2003 + MozillaBuild > > OK, In that case, it sounds like a definite bug. > If you could supply your cert and key DB files, I'd debug it. > > I gather that the cert and key DB files you are are for testing, > and that sending them to me would not compromise any actual > security of any live operations, but if that is not so, then of > course, you should not send them to me. > > You might also register your email address with bugzilla, so that > you can be put on the CC list for the bug that is likely to be > filed for this problem. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto