The most likely problem is a missing or incorrect libnssckbi.so.
Do a modutil -dbdir ~/nss/72db -listand see if you have a "Builtin Roots Module". If you do, make sure the module is pointing to a real libnssckbi.so.
If thinks aren't correct you can use 'modutil -dbdir ~/nss/72db -delete "Builtin Roots Module"' to remove it. Then make sure that you have a libnssckbi.so in ~/nss/72db and retry signtool.
bob sentraserjohn wrote:
The certificate we purchased on 11/4/2004 used to work with 2.4 linux in Redhat 9. Howeversince we moved on to Fedora Core4 with 2.6 linux kernel signtool says ++ Error ++ THIS CERTIFICATE IS NOT VALID (unknown issuer)The signtool was built from NSS 3.9.2 from Mozilla source code on both flavors of linux. Is this something that can be fixed by compiling thesigntool with some environment variable set to some values? On Linux 2.6 kernel (Fedora Core 4) output: signtool -d ~/nss/7.2db -l using certificate directory: /home/mcat/nss/7.2db Object signing certificates --------------------------------------- America Online Inc.'s VeriSign, Inc. IDIssued by: VeriSign Class 3 Code Signing 2004 CA - VeriSign, Inc. (VeriSign Class 3 Code Signing 2004 CA)Expires: Fri Nov 04, 2005 ++ Error ++ THIS CERTIFICATE IS NOT VALID (unknown issuer) On Linux 2.4 kernel (Redhat 9) signtool -d ~/nss/7.2db -l using certificate directory: /home/mcat/nss/7.2db Object signing certificates --------------------------------------- America Online Inc.'s VeriSign, Inc. IDIssued by: VeriSign Class 3 Code Signing 2004 CA - VeriSign, Inc. (VeriSign Class 3 Code Signing 2004 CA)Expires: Fri Nov 04, 2005 _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
