Hi,

Before posting a bug I will rebuild the NSS with complete set of
elliptic curves from NSS_3_11_1_RTM, and than try to create another
certificate request, sign-it and import it again.

My previous build was based on 3.12 with update based on solaris
ecl-curve.h, I've run diff, and it seams that some elliptic curve
definitions are slightly different.

I've noticed that the request I've created with certutil did contain
CN,O, and C. After signing a certificate the resulting certificate does
not contain values I've specified. This may be the issue of the ejbca,
which I've used for CA.

Regards,
Momcilo Majic

Nelson B Bolyard wrote:
> Momcilo Majic wrote, On 2008-08-25 23:40:
> 
>> Hi you were correct, the trust was designated as Pu,Pu,Pu. Still
>>
>> - NSS is 3.12 built on Windows XP, VS2003 + MozillaBuild
> 
> OK, In that case, it sounds like a definite bug.
> If you could supply your cert and key DB files, I'd debug it.
> 
> I gather that the cert and key DB files you are are for testing,
> and that sending them to me would not compromise any actual
> security of any live operations, but if that is not so, then of
> course, you should not send them to me.
> 
> You might also register your email address with bugzilla, so that
> you can be put on the CC list for the bug that is likely to be
> filed for this problem.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to