I need to enumerate the certs in my local store, and in my testing, only user certs can be enumerated using the get_cert_nicknames api. It also appears to be the only exposed api for listing certs in the db. I'm using the ver 0.12 version of python-nss.
The function get_cert_nicknames takes a parameter which lists ALL certs, USER certs, CA certs, SERVER certs. I have a mix of user and valid CA certs in my nssdb, and the only flag that works is "nss.SEC_CERT_NICKNAMES_USER", and does indeed return my user certs. I'm unable to programmatically discover other certs using this api. After reviewing the nss 'C' source code, I noticed a #ifdef surrounding the sections that handle the other 3 cases. Is this functional, and if not, is there some other mechanism to enumerate the certs? -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
