Hi there,
how can i access the Mozilla NSS (shared) Database (cert8 or cert9d.db) /
PKCS#11-Modules via OpenSSL?
I need read & write access to the NSS User Cert Database (softokn3) and to the
Built-In Cert Database (nssckbi) under Windows.
I tried it with Libp11 this way:
int rc = 0;
PKCS11_CTX *pkcs11_ctx;
pkcs11_ctx = PKCS11_CTX_new();
PKCS11_CTX_init_args(pkcs11_ctx,
"configdir=''C:/Users/Username/AppData/Roaming/Mozilla/Firefox/Profiles/5wzkdcjx.default'
certPrefix='' keyPrefix='' secmod='secmod.db'");
rc = PKCS11_CTX_load(pkcs11_ctx, " C:/Program Files
(x86)/Mozilla/Firefox/softokn3.dll ");
printf("Desc: %s\n", pkcs11_ctx->description);
if (rc)
printf("Error loading Module");
But it return every time "-1" which tells me that the loading fails. So is this
the right way? Or should I use another library? Or is my code not right?
And can I edit the Trust Settings with that or another library like with NSS
directly? Because I can't delete the built-in certs of nssckbi because this is
read-only I can edit the Trust-Settings for that certificate. Can I do that
with OpenSSL in combination with a library, too? Or should I better use NSS
instead of OpenSSL?
Thanks.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
