Hi,

We have been working on the development of a PKCS#11 module that uses a
softtoken as crypto backend. I have been facing a problem after installing a
new certificate when trying to load the module with iPlanet Servers (iWS
4.1). As I believe iPlanet servers use NSS code, perhaps you could try to
clarify what is wrong.

I have generated a certificate request using the appropriate window under
the server, and after obtaining a test certificate with a CA and installing
it using the next window, I am not able to load the module anymore, with the
server reporting an "Internal Error", with core being dumped. In fact the crash
is on iPlanet's side, and I believe it comes from the way it
treats/recognizes certificate databases. I say that because when using the
test suites (cpkg106 as well as the one that comes with NSS), I was able to
debug it and noticed that when trying to initialize my token (using
PK11_InitToken), it finds my certificate and goes on trying to build it
internally (through pk11_ExtractCertsFromSlot, PK11_TraverseSlot,
pk11_DoCerts, pk11_MakeCertFromHandle, pk11_fastCert, etc). At the point it
calls the function CERT_NewTempCertificate, using the default_cert_db_handle
as argument (got thru CERT_GetDefaultCertDB()), it crashes when trying to
lock it (CERT_LockDB(handle)). The handle default_cert_db_handle is defined
as NULL, and as the program fails to set it beforehand using
CERT_SetDefaultCertDB(handle), it crashes when trying to access
handle->dbMon!!

The same problem occurs when using modutil to simply list the modules, if I
use the "-nocertdb" option. In order to make it work properly, I have to omit
that option, which requires me to create the files key3.db and cert7.db,
although they are not used with the server (instead https.admin-...-cert7.db
is used). This detail with modutil shows already that the behavior is
irregular, as I need to create files that have no use at all just to be able
to list the modules. Netscape itself (4.75) doesn't show any problem, it
loads fine and shows my certificate.

If there is something wrong in my procedure, please let me know. I would
appreciate any help.

Carlos



