Hi, I take it "Extended ECC" is the additional option of "NSS_ECC_MORE_THAN_SUITE_B"? I tried NSS 3.12.5 with NSPR 8.2 with only that option and "NSS_ENABLE_ECC", so it's using softoken. Unfortunately, still getting the same error. Here's the command again in case I made a mistake:
certutil -R -s "CN=ectest, O=ectest, L=ectest, ST=ectest, C=US" -p "123-456-7890" -o ectest.req -d . -k ec -q nistp256 -Z SHA256 Thanks, Kai On Fri, Jan 15, 2010 at 2:30 PM, Wan-Teh Chang <[email protected]> wrote: > Kai, > > In NSS builds marked as "Basic ECC", ECC may be > used only for TLS/SSL. So it's possible that certutil cannot > generate CSRs when the "Basic ECC" version of NSS > is used. > > In NSS builds marked as "Extended ECC", certutil > should be able to generate CSRs. If not, it's a bug. > > You can read this wiki page for a recommended way > to use a third-party ECC library with NSS: > http://pki.fedoraproject.org/wiki/ECC_Capable_NSS > > Wan-Teh > -- > dev-tech-crypto mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-tech-crypto >
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
