|
NSS 3.13.1 error -8172 -- openldap
|
| |
Hey everyone,
I've run into an issue using nss 3.13.1 when attempting to use ldapsearch to connect to a TLS openldap server and get the following errors:
TLS: certificate [XXXXXXXXXX] is not valid - CA cert is not valid
TLS: certificate [XXXXXXXXXX] is not valid - error -8172:Peer's certificate issuer has been marked as not trusted by the user..... more »
|
|
|
About NSS Confused.
|
| |
Hi all.
I want to by the NSS calls the P11 module.
So I have some quessions.
1.PKCS #11 Conformance Testing where download.
2.How to compile NSS,Which have detailed guidance document?
3.Other browsers, such as chorme also supports NAPI, how to call the
P11, but also through the NSS?
4.What are the advantages of the NSS call P11 NPAPI?... more »
|
|
|
Flowerbeetle & Flowerduck
|
| |
I've started a project to produce an experimental browser (Flowerbeetle) and an
experimental e-mail client (Flowerduck).
The purpose is to enable early testing of security and PKI related changes, which are proposed for the Mozilla
platform (including Firefox and Thunderbird), but which
haven't yet been fully reviewed and accepted for inclusion.... more »
|
|
|
Provide own CA
|
| |
Hi,
I posted my issue on Thunderbird-Enterprise before and Ludovic Hirlimann sent me here.
I created an own CA and put the cert in cert8.db by GUI in Thunderbird 10 ESR.
As far as I understand it, the way to go is to put the corresponding cert8.db file in defaults/profile in the program directory. (Which works... more »
|
|
|
Importing public and private keys into nss
|
| |
Hi,
I've tested encryption, decryption, signing and verification with public (NSSLOWKEYPublicKey) and private keys (NSSLOWKEYPrivateKey) in low level.
However, Now I have a public/private keys in the below format:
-----BEGIN RSA PUBLIC KEY-----
MIGHAoGBAK12Da7PWjz1Yf01Hp2gaR xBWU2lXchh/lGaQI05JusLgI38DSN2 ZPW5... more »
|
|
|
Trying to build CMS signed data message with no content
|
| |
Hi all,
I'm stuck on a problem I'm hoping someone can help me out with. I'm trying to create a CMS signed data message with the eContent omitted. When I pass zero-length data into NSS_CMSEncoder_Update() (null pointer, empty string, doesn't seem to matter) I end up getting SEC_ERROR_DIGEST_NOT_FOUND when NSS_CMSEncoder_Finish() is called. If I... more »
|
|
|
Fwd: Feedback on DOMCryptInternalAPI
|
| |
[Forgot to reply all]
----- Forwarded Message -----
...To: "Ehsan Akhgari" <ehsan.akhg...@gmail.com>
Sent: Thursday, April 19, 2012 3:09:45 PM
...
Ehsan:
This API will not interact with PB mode, except that it will need to store keys either in the NSS db or elsewhere. Of course now that I think about it more we can just set a flag saying to store keys persistently or not. I think the wording in the feature page needs some work, sorry for the confusion.... more »
|
|
|
Feedback on DOMCryptInternalAPI
|
| |
Hello All:
[I have cross posted this message to dev-platform and dev-tech-crypto, perhaps we should discuss this on dev-platform as it has a larger subscriber base?].
I am just putting together a draft feature page for an internal API needed by the eventual DOM bindings for DOMCrypt (see: [link] and [link] ). I would like for this API to not only support the eventual Web Crypto API, but also to allow extension developers to have a useful, high-level API to work with. This seems to be quite in demand based on the number of companies and developers who have contacted me about hacking on my fork of WeaveCrypto ( in the DOMCrypt Extension [link] .)... more »
|
|
|
