Open
Bug 526674
Opened 16 years ago
Updated 2 years ago
using "sql/cert9 db" certutil cannot set trust on a new certificate created using a hardware token
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
NEW
People
(Reporter: glenbeasley, Assigned: rrelyea)
Details
while testing the fix for bug 374247
certutil -S -n NewCert5 -s "O=BLA,C=US" -h "scaFIPS" -t ,,, -x -d .
Enter Password or Pin for "scaFIPS":
...deleted text...
Generating key. This may take a few moments...
certutil: could not change trust on certificate: The operation failed because the PKCS#11 token is not logged in.
---
the key and cert were generated
certutil -K -d . -h scaFips
certutil: Checking token "scaFIPS" in slot "scaFIPS"
Enter Password or Pin for "scaFIPS":
< 0> rsa 583003972b23ac4890166562f9b56ceb68dd489b scaFIPS:NewCert5
certutil -L -d .
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
NewCert5 ,,
I got the same error for cert9 on another box with a sca6000 card where the token is not in FIPS mode.
|
||
Updated•16 years ago
|
Summary: using "sql/cert9 db" certutil is not able to successfully create a new certificate using a hardware token → using "sql/cert9 db" certutil cannot set trust on a new certificate created using a hardware token
|
Assignee | |
Updated•16 years ago
|
Assignee: nobody → rrelyea
|
||
Comment 1•15 years ago
|
||
I have a similar issue when adding a certificate to HW token, after successful export of key and signing by a CA:
[xxx@xxxxxxxx:] hw-nss$ certutil -h dev-xx-xx -d . -A -n test-hw-nss -t "p,p,p" -i test-hw-nss.crt
Enter Password or Pin for "dev-xx-xx": < then password entry >
certutil: could not change trust on certificate: The operation failed because the PKCS#11 token is not logged in.
|
||
Updated•3 years ago
|
Severity: normal → S3
|
||
Updated•2 years ago
|
Severity: S3 → S4
Priority: -- → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•