NSS: Difference between revisions
| Line 24: | Line 24: | ||
=Create a New Certificate Database and Import Google's Certificate= | =Create a New Certificate Database and Import Google's Certificate= | ||
==1. Create a New Directory== | |||
Create the new directory that will become the home of the new certificate database: | Create the new directory that will become the home of the new certificate database: | ||
| Line 31: | Line 33: | ||
mkdir certs | mkdir certs | ||
</pre> | </pre> | ||
==2. Initialize it as a Certificate Database== | |||
<pre> | |||
certutil -N -d ./certs | |||
</pre> | |||
The command will inquire for a password to encrypt the keys. If this database is used for public keys only, you can use an empty password. | |||
Revision as of 00:43, 1 February 2016
External
Internal
Overview
Network Security Services (NSS) comprises a set of libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME.
Certificates
Location on Linux: /etc/pki/nssdb
certutil
certutil -L -d /etc/pki/nssdb
More certutil usage examples: http://serverfault.com/questions/498588/smtp-gmail-com-from-bash-gives-error-in-certificate-peers-certificate-issuer
Create a New Certificate Database and Import Google's Certificate
1. Create a New Directory
Create the new directory that will become the home of the new certificate database:
cd ~/tmp mkdir certs
2. Initialize it as a Certificate Database
certutil -N -d ./certs
The command will inquire for a password to encrypt the keys. If this database is used for public keys only, you can use an empty password.