[EMAIL PROTECTED] wrote:
Hi, I am trying use nss for obtaining keystore with user certificates from firefox but i am ending with java.security.ProviderException: Library / home/xxx/.mozilla/firefox/16zcyg70.default/libnssckbi.so does not exist. For creating SunPKCS11 provider I've used following configuration: name=FireFox nssLibraryDirectory=/usr/lib/ nssSecmodDirectory=/home/xxx/.mozilla/firefox/16zcyg70.default/ nssDbMode=readOnly nssModule=keystore attributes=compatibilityWhen i copy libnssckbi.so to firefox profile dir, program runs ok. And from debug i get this:
[ output deleted].
Yes, the trust anchors are stored in libnssckbi.so. NSS nssckbi is the NSS cryptoki Builtin (root store).Which means that libnssckbi.so is used for obtaing trustanchors and i dont know why. In configuration I've set that i want only access to keystore. Any ideas?
To get trust anchors you need NSS to load that library. Applications like firefox know about this ahead of time, and automatically load it if it hasn't been loaded, but no all NSS apps know how to do this. To aid those applications, NSS will automatically load it if it finds it in the same directory as the NSS cert & key store.
I believe this is exactly what you are seeing. bob
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
