David Stutzman wrote, (quoting me) On 2008-06-09 04:46 PDT: >> In NSS version 3.10 and later versions, pk12util has a third command >> option, in addition to -i (import) and -o (export) there is -l (that's >> ell, as in list). You can use it to list the contents of your PKCS#12 >> file. It won't show you the actual values of encrypted keys or >> encrypted certs, but it will at least list the keys, and the certs, and >> it will show the values (contents) of unencrypted certs, if any. > > I might be misunderstanding what you're saying here, but I have PKCS#12 > files where everything is stored in the encrypted SafeContents and
What tool produced those PKCS#12 files with certs in encrypted bags? My (possibly mistaken) recollection is that NSS does not encrypt certs when it makes PKCS#12 files. > pk12util lists the certificates just fine. In my experience, pk12util is > very flexible reading differently structured PKCS#12 files. Yes, NSS will decode/decrypt encrypted certs, whether the files it makes encrypt the certs or not. My statement above qualified pk12util's capabilities too narrowly. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
