ksreedha...@gmail.com wrote, On 2009-04-02 21:54: > Hello, > > NSS version 3.11.4 > > If I use the tstclnt with self signed certificate on the server (with > some name in Issuer/Subject common name for Certiificate) > > "tstclnt -h <hostname> -p <port> -d <your nss cert db dir> -v -2 -3 -c > v". It fails with the error "certificate issuer is not recognized". > > If I use "CACert" for this common name, it fails with error "requested > domain name does not match the server’s certificate". > > It works fine with -o option. > > Does this test client works with self signed certificates or not.
It given them all the respect they deserve, which is exactly none, unless the relying party (user) has marked the certs as trusted peers. > Do I need to do any configuration for trusting these certificates. Yes, you need to mark them as truted peers in the client's cert DB. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
