Re: Importing exporting JKS key to NSS db

2008-06-26 Thread Gordon.Young
On Jun 22, 10:11 am, Yevgeniy Gubenko <[EMAIL PROTECTED]> wrote: > Hello, > I need to create 2 public private key pairs: one on windows machine in JKS > format (by keytool command) and the other on Solaris 10 machine in NSS > database (certutil -G), on which NSS db exists. > Then I have to > 1.ex

RE: Importing exporting JKS key to NSS db

2008-06-25 Thread David Stutzman
As Nelson mentioned, just using FIPS-approved NSS isn't enough. Go to the NIST website and download the Security Policy document. That tells you how you must configure/run the system to be truly FIPS compliant. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm#815 Straight to

Re: Importing exporting JKS key to NSS db

2008-06-24 Thread Nelson B Bolyard
Yevgeniy Gubenko wrote, On 2008-06-24 12:20: > Let me explain you my motivation: Thank you. > I have client java 1.6 application, which runs on windows platform. > The server java 1.6 application runs on Solaris 10 and should be > FIPS140-2 compliant. > Thus, all crypto on server side should pa

Re: Importing exporting JKS key to NSS db

2008-06-24 Thread Arshad Noor
You can choose to use the NSS database on both sides if you wish and use the JDK's SunPKCS11 bridge from your Java application to get to the keys and certificates in the NSS keystore/certstore. Take a look at the source code of StrongKey (www.strongkey.org) on the client side (Symmetric Key Client

RE: Importing exporting JKS key to NSS db

2008-06-24 Thread Yevgeniy Gubenko
ist Subject: Re: Importing exporting JKS key to NSS db Yevgeniy Gubenko wrote, On 2008-06-23 12:47: > I don't know how to extract specificly public key after I > used the following command: > > certutil -G -n srv -k rsa -g 1024 -z seed -f pwdfile.txt -d . > > which should h

Re: Importing exporting JKS key to NSS db

2008-06-23 Thread Nelson B Bolyard
Yevgeniy Gubenko wrote, On 2008-06-23 12:47: > I don't know how to extract specificly public key after I > used the following command: > > certutil -G -n srv -k rsa -g 1024 -z seed -f pwdfile.txt -d . > > which should have created me public/private key pair. > The second problem is: after I have

RE: Importing exporting JKS key to NSS db

2008-06-23 Thread Yevgeniy Gubenko
From: Michael Ströder [mailto:[EMAIL PROTECTED] Sent: Monday, June 23, 2008 11:40 To: dev-tech-crypto@lists.mozilla.org Subject: Re: Importing exporting JKS key to NSS db Yevgeniy Gubenko wrote: > > 1.export public key from Solaris to Windows in JKS format > > 2.import public key from W

Re: Importing exporting JKS key to NSS db

2008-06-23 Thread Michael Ströder
Yevgeniy Gubenko wrote: > > 1.export public key from Solaris to Windows in JKS format > > 2.import public key from Windows to Solaris into NSS database I would export as PKCS#12 format and import that to NSS cert DB. Ciao, Michael. ___ dev-tech-crypto