On Dec 3, 1:21 am, "fat.fuck" <[EMAIL PROTECTED]> wrote: > On 3 Dec, 00:29, Eddy Nigg <[EMAIL PROTECTED]> wrote: > > > > > On 12/03/2008 02:20 AM, fat.fuck: > > > > i didn't explicitlly supply the certs' private key file location to > > > the certutil command line when i added the certs to cert7.db > > > (although, the private key .pem files were in fact in the same > > > directory as the .pem cert files when i ran the certutil command). > > > This most likely means that there is no private key stored, just the > > public key/certificate. You'd need to provide a PKCS12 file instead > > which includes the private key. > > > -- > > Regards > > > Signer: Eddy Nigg, StartCom Ltd. > > Jabber: [EMAIL PROTECTED] > > Blog: https://blog.startcom.org > > thanks for your reply mr. nigg, > > > This most likely means that there is no private key stored, just the > > public key/certificate. You'd need to provide a PKCS12 file instead > > which includes the private key. > > that makes sense. thanks, mr nigg. now, please, can you tell me how i > can view|list the private keys in key3.db once i've ran certutil with > a pkcs12 file? > > > "The Certificate Database Tool is a command-line utility that > > can...display the contents of the key database..." > > what is the certutil command that the above statement from the > certutil docs is referring to? > > mr. megginson, i can't work out what version of nss/certutil came > bundled with the dsrk v 5.2 (is there a command i can run that would > tell me?). all i know is i downloaded the dsrk 5.2 binaries from sun > and installed it on my sun box on nov 25, 2006. so its safe to assume > i'm using whichever release of nss that was current on that date; i > guess. > > i do know that the $HOME/.netscape on my sun box is from netscape > communicator 4.76. again, the only reason i used that location is > because the tutorial i was using instructed me to. and there just > happened to be a cert7.db file at that location. from now on, i will > use the cert8.db file in my "mozilla 1.4 for sun java desktop system > (solaris operating system edition)" profile. > > also, running "truss ldapsearch..." spewed out a lot of gibberish that > i don't have time to decipher at the moment. thanks for the suggestion > anyway, mr. megginson. > > thanks in advance to anybody else in the ng who can also fill me in on > anything that might be helpful.
i remembered what documentation instructed me to use $HOME/.netscape/ cert7.db. it was sun's "Sun ONE Server Console 5.2 Server Management Guide". the chapter on "Using SSL and TLS with Sun ONE Servers": http://docs.sun.com/source/816-6704-10/ssl.html#22531 "Copy the Netscape Communicator certificate database files, cert7.db and key3.db, that contain your certificates to your .mcc directory. ... On UNIX systems, the cert7.db and key3.db files are located in your home directory, /$HOME/.netscape. $HOME is your root directory if you are running Administration Server as root. $HOME is your user home directory if you are running Administration Server as a user, for example, /home/username or /export/home/username. ..." i know it's neither here nor there. but i was going crazy trying to remember myself why i used cert7.db. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
