> > > Hi Ian, > > Thanks for the reply. Here's the contents of the one of the dirs I'm testing > on: > > # pwd > /opt/netscape/nes/3.63/alias > # > > -rw-r--r-- 1 root other 236 Sep 27 2000 ServerCertInfo.txt > -rw-r--r-- 1 root netscape 0 Jan 31 2000 cert.log > -rw------- 1 root other 32768 Sep 5 21:01 cert7.db > -rw------- 1 root other 32768 Sep 5 21:01 key3.db > -rw------- 1 root other 32768 Sep 5 20:59 secmod.db > -rw-r----- 1 root netscape 65536 Jun 22 2000 smpd9-cert.db > -rw-r----- 1 root netscape 65536 Jun 28 2001 smpd9-key.db > -rw-r----- 1 root netscape 65536 Sep 29 2000 sstraveldev-cert.db > -rw-r----- 1 root netscape 65536 Jul 30 2001 sstraveldev-key.db > > And this is the output I'm getting when I issue certutil/pk12util from that > dir: > > # certutil -L -d . >
You need to add "-P smpd9-" or "-P ssltraveldev-", depending on what set of databases you intend to use. NSS expects the names of the databases to be cert7.db and key3.db. If they have a prefix, you have to provide it. > > # pk12util -o sstraveldev.pk12 -n sstraveldev -d . > pk12util: find cert by nickname failed: security library: bad database. > # Likewise. > I'm not too sure what the nicks of the certificates are supposed to be. I > presumed that was just the name of the file without the .db suffix, is that > right? That's not necessarily true. You can find out the nicknames from certutil -L. -Ian
