On 2010/05/05 11:29 PDT, M.Hunstock wrote:
> I forgot to set some attributes in the PKCS#11 storage object
> containing the certificate, including the issuer DN. Apparently that was
> the reason for the failing behaviour.
Yes, that will do it.
> I haven't found that earlier because I assumed NSS
On 2010/05/05 05:42 PDT, David Stutzman wrote:
> I'm guessing my previous submission was eaten by the terrible list
> monster due to having an attachment...
Hmm. I think it would have gone into the "moderation queue", where I would
have seen it, and I haven't seen anything from you there.
> So
The release notes for NSS 3.12.6 are available at:
https://developer.mozilla.org/NSS_3.12.6_release_notes
Regards,
Christophe.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
On 2010/05/04 12:10 PDT, Robert Relyea wrote:
> 2) almost all tokens mark the private key as private, and it's not even
> findable if the token has not been logged in. As Honras and Nelson
> pointed out, this is what makes a cert 'yours'. It's also used when
> deciding if a cert is usable for cl
On 05.05.2010 11:05, M.Hunstock wrote:
> In the meanwhile it appears in the correct tab, but the trust chain
> cannot be built. It says something like "this certificate could not be
> verified for an unknown reasen" (I have a localized version of FF).
Well..
"if you do everything right, everthin
On May 5, 2:01 pm, "M.Hunstock" wrote:
> Am 05.05.2010 13:02, schrieb joabelfa:
>
> > Certificate certificadoJSS = new Certificate(info, rootkey, sigAlg);
>
> > what is the problem?
>
> where is sigAlg coming from?
private SignatureAlgorithm sigAlg =
SignatureAlgorithm.RSASignatureWithSHA1Digest
On May 5, 2:33 pm, David Stutzman
wrote:
> On 5/5/2010 7:02 AM, joabelfa wrote:
>
> > ksfis = new
> > FileInputStream("./certificates/runa/keystore.jks");
> > KeyStore truststore = KeyStore.getInstance("JKS");
> > truststore.load(ksfis, "ke
I'm guessing my previous submission was eaten by the terrible list
monster due to having an attachment...
As usual, you appear to be correct Nelson, I figured out the proper
cipher string format for vfyserv and enabled ALL ecc ciphers and it
didn't work. So I set about recompiling NSS again a
On 5/5/2010 7:02 AM, joabelfa wrote:
ksfis = new
FileInputStream("./certificates/runa/keystore.jks");
KeyStore truststore = KeyStore.getInstance("JKS");
truststore.load(ksfis, "key123".toCharArray());
On 5/4/2010 11:24 AM, fsuel wrote:
I would like to know if RSA 2048 digital signature with SHA hash (224,
256 and more bit) is possible in Mozilla products. In particuler if i
can realise a RSA 2048/SHA 256 digital signature with Thunderbird 2.x
or 3.x
Ripping off Wan-Teh[1]
"We have an "Encryp
Am 05.05.2010 13:02, schrieb joabelfa:
> Certificate certificadoJSS = new Certificate(info, rootkey, sigAlg);
>
> what is the problem?
where is sigAlg coming from?
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Hi, i'm trying create a new JSS certificate, but when the constructor
is called (Certificate certificadoJSS = new Certificate(info, rootkey,
sigAlg);), i'm returned the following error:
java.security.InvalidKeyException: Private Key is does not belong to
this provider
at org.mozilla.jss.pk
Am 05.05.2010 12:03, schrieb Kaspar Brand:
> Does the cert viewer not show any chain (under "Details"), or is it just
> showing the "Could not verify this certificate for unknonw reasons"
> message on the "General" tab?
It is the latter, on the "Details" tab in the chain field it shows just
the
On 05.05.2010 11:05, M.Hunstock wrote:
> In the meanwhile it appears in the correct tab, but the trust chain
> cannot be built. It says something like "this certificate could not be
> verified for an unknown reasen" (I have a localized version of FF).
Does the cert viewer not show any chain (under
Am 05.05.2010 08:59, schrieb Kaspar Brand:
> Does your cert / CKO_CERTIFICATE object lack a label?
My application sets it to "null" (Java app), but even when I put
something into that label.. there are strange results.
I read the labels with pkcs11-tool from openSC, and it prints out
something.
Am 04.05.2010 21:10, schrieb Robert Relyea:
> If the token is marked with the publically readable certs/friendly
> flag, then NSS will not try to authenticate to it before looking up
> certs and depend on the public key semantics to identify 'user' certs.
> If your token does not have a public
On 04.05.2010 19:39, M.Hunstock wrote:
> Is there some magic done with the labels, too?
Does your cert / CKO_CERTIFICATE object lack a label?
If so, I remember having seen a similar issue. The problem "starts" with
this PSM code, most likely:
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/s
17 matches
Mail list logo
