Loren wrote:
lorenhome:~/nss/nss-3.6/bin$ ./signtool -d . -l
using certificate directory: .
Object signing certificates
---
Test User One
Issued by: Test Root CA - Test Company (Test Root CA)
Expires: Tue Oct 28, 2003
Assertion
Loren wrote:
lorenhome:~/nss/nss-3.6/bin$ ./signtool -d . -l
using certificate directory: .
Object signing certificates
---
Test User One
Issued by: Test Root CA - Test Company (Test Root CA)
Expires: Tue Oct 28, 2003
Assertion
1. Why isn't this utility mentioned in
http://www.mozilla.org/projects/security/pki/nss/tools?
2. The utility has the -u url option when importing. What for?
3. When it imports a CRL, what exactly is the validation that is performed
on the CRL, besides signature verification of the issuing CA?
Thanks.
I assume I don't need to first import the CRL in the NSS cert DB before
using the CERT_DecodeDERCRLWithFlags function; all I need to provide are the
CRL raw bytes (e.g., read from a file), correct?
Also, it looks like I need to use the CERT_CompleteCRLDecodeEntries function
to actually
Suneetha K wrote:
I have SSL warning: Viewing a page with encrypted unencrypted
mix enabled on my Mozilla browser v1.2b.
I want to know, based on what in the content of the response for a
https request does mozilla decide to pop up a message saying...
You have requested an encrypted page
Patrick,
Cesard, Patrick O. wrote:
Thanks.
I assume I don't need to first import the CRL in the NSS cert DB before
using the CERT_DecodeDERCRLWithFlags function; all I need to provide
are the
CRL raw bytes (e.g., read from a file), correct?
If you just want to decode it, you can simply read
I don't know that commenting out the assert is a good idea. Your
probably getting a bogus error as a result.
Have you tried using the cert to sign something? That is, skip trying
to list it, and just go ahead and use it and see what happens.
-Ian
Yes I did, and failed :(
