The Linux version of Chromium initializes NSS with a
NSS_InitReadWrite("sql:~/.pki/nssdb") call.Since the Linux Chromium doesn't have UI for managing certs yet, some users are trying to use certutil to do that. They reported that they can list certs: % cd ~/.pki/nssdb % certutil -d sql:$PWD -L But when they try to add a new cert, they get: certutil: could not authenticate to token NSS Certificate DB.: An I/O error occurred during security authorization. I also get this error message when I try to list keys with the -K option. It seems that the database is in a "password not set" state, which is different from having an empty-string password. If I use "certutil -W" to set an empty-string password, then I can list keys without entering any password. So the "empty-string password" state seems to be what I wanted -- a sql: shared DB that doesn't require login. Is my understanding correct? What's the C code I need to write to get the shared DB into that state? Thanks, Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
