Hi, > In general, bare keys are not very useful in NSS. Keys are generated > with certificates. > > Unfortunately TB doesn't have a very good way to get certificates > itself. The easiest thing is to get a certificate using Firefox and > export it to a .pk12 file, then import it with thunderbird. > > You can use certutil to generate a certificate request, which you can > programmaticly send to a CA. You can import the resulting cert into > the > database with certutil. NOTE: a private key is generated as a side > effect of the certificate request. > > You can programmaticly import and export .p12 files with p12util. > > The key generated by sdrtest is a symmetric key. Unforunately there > currently are no tools that help you backup and restore symmetric > keys.
I really just wanted to create the special key that is used to encrypt credentials in key3.db, without any need to backup or restore it. sdrtest is enough for that without the need of a certificate. Cheers Gustavo > > bob > > > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto -- Angulo Sólido - Tecnologias de Informação http://angulosolido.pt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
