Libnss3 doesn't log SEC_ERROR_UNKNOWN_PKCS11_ERROR properly ( NSS error code: -8018 )
Categories
(NSS :: Libraries, enhancement)
Tracking
(Not tracked)
People
(Reporter: nusch88, Unassigned)
Details
Steps to reproduce:
I've faced an issue with all browsers relying in libnss refusing ever X.509 certificate. I've hard time to debug it through months due to not enough information returned from libnss. It was in detail described here:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1960736
Actual results:
Root issue is that libnss returned [23391:23426:0213/133531.202486:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018
In my case the root cause was poor quality code written by local government agency known for infringing LGPG licence. The configuration change was deployed when installing their PKCS#11 related software and lack of proper debug from Libnss cause I was not able to connect cause and the effect.
Expected results:
Instead of displaying code which couldn't be googled NSS should return full human readable error name ' SEC_ERROR_UNKNOWN_PKCS11_ERROR' - in way it does for other errors of same kind.
Updated•1 year ago
|
Comment 1•1 year ago
|
||
This is a bug in Chromium, not NSS. You can file a bug here: https://bugs.chromium.org/p/chromium/issues/list
Description
•