pk12util and pkcs12 decoder library need verbose diagnostic mode

NEW
Unassigned

Status

NSS
Tools
P3
enhancement
12 years ago
8 years ago

People

(Reporter: Nelson Bolyard (seldom reads bugmail), Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

With all the problems folks have been having importing pkcs12 files, 
and all the time NSS developers spend diagnosing those troubles,
it would be great if pk12util had a verbose diagnostic mode that 
caused it to output a log of what it's doing internally.  
Users aren't going to send us their .p12 files, generally, and they
shouldn't have to.  But we should be able to figure out where it's
failing using verbose log output that the tool provides.  

Note that pk12util already has a -v option, and all it does presently
is cause a line to be output at the end, declaring success or failure.

I think the implementatino of this might require extended the PKCS12
deocder API with the addition of a new registerable callback function
that pk12d calls as it decodes.

Updated

11 years ago
Target Milestone: --- → 3.11.8

Updated

11 years ago
Target Milestone: 3.11.8 → Future

Updated

11 years ago
Target Milestone: Future → ---
(Reporter)

Updated

11 years ago
Priority: -- → P3

Updated

11 years ago
OS: Windows XP → All
(Reporter)

Updated

10 years ago
Assignee: neil.williams → nobody

Comment 1

8 years ago
I wonder why firefox and thunderbird only say "PKCS#12 operation failed for unknown reason". Why isn't it possible to tell the reason?

Yesterday I generated a new certificate with openSSL and it did not import into thunderbird for "unknown reasons". After 2 hours I found the reason: the new serial number was the same as an existing certificate.

See also bug 458161 and bug 564403
This bug is about an NSS command line tool.

The browser and email clients are NOTORIOUS for saying "for an unknown reason" 
instead of stating the reason, even when the reason is clearly known to them 
(in the form of a detailed error code).  That's not an NSS problem.  See also 
https://bugzilla.mozilla.org/show_bug.cgi?id=desired
You need to log in before you can comment on or make changes to this bug.