Patrick wrote:
> Yes, certutil shows them, but only if I use the "-h all" option
> I noticed the trust flags show nothing (",,") however. Would that explaing
> why they don't get include in the return list? I'm calling
> CERT_GetCertNicknames with SEC_CERT_NICKNAMES_USER
>
> Also, certutil does not seem to use CERT_GetCertNicknames, instead it calls
> functions like PK11_GetAllTokens, PK11_TraverseCertsInSlot...
Sounds like the private keys aren't properly linked to the certificates.
The CKA_ID's for the certificates need to match the CKA_ID's for the
private keys, otherwise NSS will not treat the certs as user certs.
bob
>
> -- POC
>
> "Ian McGreer" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>
>>Patrick wrote:
>>
>>>Does this function return nicknames of certs residing on a smartcard? I
>>>though it did, was working for me at one time...
>>
>>It does.
>>
>>
>>>I have the smartcard PK11 module loaded in secmod.db, and I'm using
>>>Get_DefaultCertDB for cert db handle, I have my password callback set
>>
> up,
>
>>>but the 2 certs on my card are not part of the return list...What am I
>>>missing?
>>
>>
>>Not sure. Do the certs show up using other means (certutil, e.g.)?
>>
>>-Ian
>>
>>
>
>
>
