On Do, 2014-05-08 at 19:03 +0530, radiatejava wrote: > I am using NSS db and utility to maintain certificates for a web > server. I am facing an issue, please go through the steps I am > listing. Can anyone explain why I am getting 'u' attr for certificate > with ca-3 alias even though I did not provide this attribute while > adding it.
The 'u' attribute means 'user owned', that certutil is able to see a private key along with the certificate. > This is creating problem for me - CA signed cert with > tomcat is not considered as the server certificate but the one with > ca-3 is being considered. Too few details to answer this question. I don't know why your certificate is not accepted as a server certificate by the tomcat software. You could post the contents of the certificate, and explain how you exported the certificate from NSS. To view a dump of a certificate using certutil, use: certutil -d directory -L -n nickname-of-the-server-certificate Kai -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
