It's a fact that the 'izenpe' token is the one that's causing Firefox to lock
the NSS files.
It is a pkcs#11 module based on opensc drivers.
I've tested shareable NSS with a JSS-based program, watching the opensc logs,
and the pkcs#11 module gets the smartcard locked and unlocked atomically for
Thanks a lot for the detailed explanation Robert - much appreciated.
Please see my comments in line, some stuff deleted for brevity.
On 01/12/2011 11:38 PM, Robert Relyea wrote:
--- snip ---
331569088[1bd1610]: C_UnwrapKey 331569088[1bd1610]: hSession =
0x6 331569088[1bd1610]: pMechanism =
Hiya,
I've tried the same test with Chromium and it worked correctly as Wan-Teh said.
The database does not get locked.
My Firefox profile NSS files are soft links to the shared ones, as explained in
the NSS Shared Howto document
https://wiki.mozilla.org/NSS_Shared_DB_Howto
Could it be a
On 2011-01-13 03:58 PDT, Irune Prado Alberdi wrote:
I've tried the same test with Chromium and it worked correctly as
Wan-Teh said. The database does not get locked.
[snip]
I had to activate the FRIENDLY flag in order Chrome to correctly obtain
the smartcard's certificate. I'm new to Chrome
If your module locks the DB while in R/W
mode, that would explain it. Even that is bad, but it's not as bad a
user experience when you have the friendly flag set.
NSS will access opensc driver following pkcs11.txt configuration which is the
same for Chromium, Firefox and the certutil tool
Hi again,
today I a built a debug version of NSS 3.12.8 (as I haven't found 3.12.9
yet)
The issue is still there, but occours much later then with 3.12.5.
Server (with lib using NSS) ran about 1.5 hours before the issue
occoured. During this time 911 SSL connections have been done. The last
On 01/13/2011 10:46 AM, Bernhard Thalmayr wrote:
Hi again,
today I a built a debug version of NSS 3.12.8 (as I haven't found
3.12.9 yet)
I wouldn't expect 3.12.9 to fix the problem, as you seem to be running
into a unique issue.
The issue is still there, but occours much later then with
On Wed, Jan 12, 2011 at 2:38 PM, Robert Relyea rrel...@redhat.com wrote:
On 01/12/2011 01:26 PM, Bernhard Thalmayr wrote:
331569088[1bd1610]: C_UnwrapKey
331569088[1bd1610]: hSession = 0x6
331569088[1bd1610]: pMechanism = 0x7fffcd592ea0
331569088[1bd1610]: hUnwrappingKey = 0x8
On Thu, Jan 13, 2011 at 2:53 AM, Bernhard Thalmayr
bernhard.thalm...@painstakingminds.com wrote:
It might be helpfull if SSLTRACE and PKCS#11 could log a timestamp to help
in correlation.
You can add 'timestamp' to the NSPR_LOG_MODULES environment variable. See
9 matches
Mail list logo
