On 2010-10-21 13:31 PDT, Matej Kurpel wrote: > This looks like Thunderbird cannot find the user certificate in its > database. Well, it shouldn't anyway, since it resides on the token > provided by a PKCS#11 module I am developing.
Right. It's not necessary for the cert to be in the database. It's only necessary that NSS can find it in one of the attached tokens. > However, in its properties it says it couldn't verify the certificate > for unknown reasons. And the CA certificate is added into the > authorities correctly. Any more ideas, please? For purposes of your command line testing, you should add your PKCS#11 module to the secmod.db configuration file, using the modutil program. Thereafter, you should be able to get the command line utilities to see and attempt to verity the certificate in your token. I'd tell you how to do that, but you seem to be doing VERY VERY well at figuring it out on your own! Here are some hints: certutil -d . -L -h all certutil -d . -L -n "my token name:my cert name" -- /Nelson Bolyard -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
