Robert Relyea wrote:
BTW you can also create the same effect by using the modutil tool to add and explicit path to libnssckbi.so to secmod. Older versions of Firefox used to do this, but modern ones my just load libnssckbi on it's own.[ output deleted].Yes, the trust anchors are stored in libnssckbi.so. NSS nssckbi is the NSS cryptoki Builtin (root store).Which means that libnssckbi.so is used for obtaing trustanchors and i dont know why. In configuration I've set that i want only access to keystore. Any ideas?To get trust anchors you need NSS to load that library. Applications like firefox know about this ahead of time, and automatically load it if it hasn't been loaded, but no all NSS apps know how to do this. To aid those applications, NSS will automatically load it if it finds it in the same directory as the NSS cert & key store.I believe this is exactly what you are seeing.
bob
bob ------------------------------------------------------------------------ _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
