i try to figure out how certutil and cmsutil work and if it is suitable for my needs. Unfortunatelly i failed and hope i can get some hints here....
Env: NT4SP6a, NSS 3.7.1, NSPR 4.2.2
What i did:
md certdb certutil -N -d certdb pk12util -d crtdb -i mycert.p12 certutil -A -d certdb -n [EMAIL PROTECTED] -t ",P," -i [EMAIL PROTECTED]
mycert was issued by a commercial german CA, [EMAIL PROTECTED] is a thawte personal freemail cert.
certutil -L -d certdb shows 3 lines <CN from mycert>'s <O from issuer> ID u,u,u [EMAIL PROTECTED] ,P, <OU from issuer> c,c,c
certutil -K -d certdb shows <0> <CN from mycert>'s <O from issuer> ID
I have an encrypted mail (with my public key) from [EMAIL PROTECTED] and extracted the pkcs7 part to a file smime.p7m the same way smime.pl does it but
cmsutil -D -d certdb -i smime.p7m
couldnt decode it. "Cannot decrypt: you are not a recipient, or matching certificate and private key not found."
I tried to encode/decode a message with my own key
cmdutil -E -d certdb -r [EMAIL PROTECTED] -i test.txt -o text.enc
but
cmdutil -D -d certdb -i test.enc
failed with the same message. BTW Mozilla 1.2.1 can decode the original mail. Can someone point me the right direction?
Thanks Thomas
