Hello all.... I've built and am running C-SDK 6.06 in Windows, and 6.05 in Linux. In each OS I have a test client that I build and run, linking to the C-SDK.
Without using SSL, everything is fine in both OSs. I can freely query my AD server as I'd expect. When I enable SSL, the ldapssl_advclientauth_init call succeeds in Linux, but fails in Windows. I also tried just calling ldapssl_clientauth_init() and got the same thing - success in Linux and failure in Windows. My Linux call resembles: #define CERTDB "/home/admin/.mozilla/firefox/naybgi51.default/cert8.db" #define KEYDB "/home/admin/.mozilla/firefox/naybgi51.default/key3.db" ldapssl_advclientauth_init(CERTDB, NULL, 1, KEYDB, NULL, 0, "", 0) When I build the same codebase in Windows, the difference is: #define CERTDB "..\cert8.db" #define KEYDB "..\key3.db" (I copied my db files from my Firefox app data in Windows) Any suggestions? I do notice that when I trace down into the code, inside the ldapssl_advclientauth_init code: - Down inside nss_Init (nssinit.c). - SECMOD_LoadModule (pk11pars.c) is called with modulespec indicating "NSS Internal Module". - SECMOD_LoadModule sort of calls itself recursively with modulespec indicating "NSS Internal PKCS #11 Module". - Then, when SECMOD_LoadPKCS11Module (pk11load.c) is called, it calls secmod_ModuleInit, which calls PK11_GETTAB(mod)->C_Initialize(pInitArgs), which is what actually fails (crv = 48). So, is this a CKR_DEVICE_ERROR from NSS? I'm not using hardware or anything - I'm just trying to specify my cert and key db files in order to do SSL. Any tips, hints, or suggestions would be *greatly* appreciated! This strikes me as a system config issue, and not a code issue? - Matthew _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
