We tried using pk12util in nss 3.1.1 as follows:
The database in writable directory:
./alias-cert.db
./alias-key.db
./pk12util -o outfile.p12 -d . -n nickname -P alias
This just gives the usage help message.
Any suggestions on how to use the tool?
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 11, 2001 5:50 PM
To: Carman George
Cc: '[EMAIL PROTECTED]'
Subject: Re: Migrating Private Keys and Certs from Netscape 3.5
Carman, George wrote:
> Hello,
>
> We have several Netscape 3.5 servers and we are trying to migrate their
keys
> and certs to newer products.
> Is there a utility which can read the database for these older products?
> The files have names alias-cert.db and alias-key.db. There is no
secmod.db.
>
> Do the nss pk12util and certutil utilities understand these older
databases?
> If so, example usage for export of the keys and certs would be
appreciated.
Yes, sort of. They can update an old database into a new database
format. The latest versions of the utilities even understand the server
'alias-' prefixes (they have options to handle them). If you run them in
a writeable directory the tools can create new alias-cert7.db and
aliad-key3.db's as well as a secmod.db on the fly, before they start
using operating on the files.
iWS also has an admin interface that can update thes files.
bob
>
> Thanks,
> George
>
>
