Hai-May Chao wrote: > That NSS package contains a shared library database libnssckbi.so which > defines a set of X509 CA certificates. We need to extract these certs for > use by OpenSSL consumers. We'd like to have run-time extraction in place > if possible so we will be able to get the latest cert set when the > database is updated.
Frankly, I think you're better off working with the team delivering NSS to deliver a package containing just the certs in some format that SSL clients are likely to be able to read (PEM or PKCS8 or whatever), and deliver that file (or those files) into some well-known location. Dynamic extraction seems like a very unstable method for delivering a file or set of files. Danek _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
