Hi Aditya,
you can find trust related info in certutil documentation :
http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html.
Look for the -t option for the trust arguments.
If you know that it is a server cert, you can also use the
'nsNSSCertificateDB::ImportServerCertificate() method
(
http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSCertificateDB.cpp#656
).
You have to convert base64 data to DER format before using this method.
BTW, If you are downloading the cert as 'base-64 data' directly from
the server and if you set the appropriate mime-type for the download
URL, then browser will automatically prompt for importing the cert and
allow you to set the trust info.
The mime type for server cert is 'application/x-x509-server-cert' and
for CA-cert is 'application/x-x509-ca-cert'.
--
Subrata
Aditya Ivaturi wrote:
I am writing an xulrunner application, which would take a website's
address, download the cert & import it in to the current firefox
profile database. This is my first xulrunner application & as such
there are few things I am confused about. So please bear with me.
I am trying to use the XPCOM APIs
http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/
& seems like nsIX509CertDB2.addCertFromBase64() (http://
mxr.mozilla.org/mozilla-central/source/security/manager/ssl/public/
nsIX509CertDB2.idl) might be the right function call to use. But I am
not sure about the second parameter for that method. The doc says:
* @param aTrust decoded by CERT_DecodeTrustString. 3 comma separated
characters,
indicating SSL, Email, and Obj signing trust
What are these 3 comma separated characters and where can I find more
info about them? Also, does this method add the certificate to the
database of the current firefox profile (I am using firefox.exe -app
to launch my app)?
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
