Hi again David (and everyone else),
Thanks again for all the explanations, it certainly (again) makes stuff
clearer and I now seem to have an reasonable idea about whats going on
and how to handle our situation.
On a standard Rhel 7 installation, the pkcs11.txt under /etc/pki/nssdb
*only*
On Thu, 2014-12-04 at 11:31 +, David Woodhouse wrote:
That one. libnssckbi.so is what provides the default trust roots. It's
*always* supposed to be loaded in an NSS system. You shouldn't need to
add it manually. I don't.
... except in the specific case where I was testing pam_pkcs11.
On 12/04/2014 03:31 AM, David Woodhouse wrote:
You say that this shouldn't be necessary (and probably a bug), just to
clarify things for me, do you mean that,
1 ) adding the libnssckbi.so to shouldn't be necessary since it should
already be there from the beginning, and that the bug is that
On Thu, 2014-12-04 at 10:33 -0800, Robert Relyea wrote:
That one. libnssckbi.so is what provides the default trust roots. It's
*always* supposed to be loaded in an NSS system. You shouldn't need to
add it manually. I don't.
Huh? that is not true. libnssckbi.so is loaded by nssysinit, or
Yes, there are some applications which use NSS only for private crypto
purposes and don't need the trust roots, but Patrik seemed to be suggesting
that in RHEL, even Firefox wasn't loading libnssckbi.so until he manually
added it to pkcs11.txt/secmod.db.
Maybe I should have been clearer
On 12/04/2014 02:00 PM, David Woodhouse wrote:
On Thu, 2014-12-04 at 10:33 -0800, Robert Relyea wrote:
That one. libnssckbi.so is what provides the default trust roots. It's
*always* supposed to be loaded in an NSS system. You shouldn't need to
add it manually. I don't.
Huh? that is not true.
Haven't tested yet, but you could file a bug, altough I dont know if it
will be accepted.
If you have both accounts on your profile, you are the 2 people, hence
there's no reason to send you a crypted message to yourself.
I would accept the bug, but will give a 0.001 priority...
A workaround
7 matches
Mail list logo
