Stack Overflow
Stack Overflow

Questions tagged [nss]

Network Security Services (NSS) is a set of libraries designed and maintained by Mozilla to support cross-platform development of security-enabled client and server applications.

Network Security Services (NSS) is a set of libraries designed and maintained by Mozilla to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

169 questions
4
votes
1 answer

trying to enable FIPS mode using SunPKCS11 with NSS in Java

I'm working on a project requiring FIPS 140-2 validated cryptography, and I'm trying to use NSS with the SunPKCS11 token interface, and I've gotten it working up until turning on FIPS mode in NSS. I get an error, CKR_USER_NOT_LOGGED_IN, that I just…
nodog
  • 41
  • 1
  • 2
4
votes
1 answer

NSS/PKCS11 errors in docker alpine wildfly on AWS GovCloud

I am using the woahbase/alpine-wildfly image. I keep receiving the following errors when trying to connect to AWS endpoints for S3 and/or SQS: Caused by: java.security.ProviderException: Could not initialize NSS and Caused by: java.io.IOException:…
John R
  • 350
  • 2
  • 5
  • 19
4
votes
1 answer

Using Mozilla's NSS library in JavaScript (e.g. WeaveCrypto.js)

I am developing a Thunderbird extension, which is mostly done in JavaScript. I want to use several functions from Mozilla's NSS (Network Security Services) library in JavaScript. There is one JavaScript wrapper built into Thunderbird, named…
BeYonD
  • 41
  • 4
4
votes
1 answer

cURL with NSS - Can't find certificate

I'm trying to cURL using a certificate stored in an NSS database, however while running the cURL command, it says the certificate cannot be found. Here is the list of the certs in my DB: [root@localhost scripts]# certutil -L -d /nss Certificate…
ev0lution37
  • 1,129
  • 2
  • 14
  • 28
4
votes
1 answer

Import a P12 certificate into a NSS database (with an alias)

I have a personal P12 certificate generated by a certificate authority. I want to use it with CURL to access a protected URL. If CURL on CENTOS was compiled with openssl, I should only convert it to PEM format and provide that file to CURL (tested…
eduardo.lopes
  • 482
  • 7
  • 16
4
votes
1 answer

Java 8 cannot load its cacerts in FIPS. Exception "no such provider: SunEC"

My server was using java 7 and is running fine in FIPS mode. Now we are upgrading to jre8 and the following exception is coming during the startup while loading cacerts. java.lang.RuntimeException: java.security.NoSuchProviderException: no such…
Atul Soman
  • 4,612
  • 4
  • 30
  • 45
4
votes
1 answer

Issues with composer.phar with nss and api.github.com

I am attempting to use composer.phar on a server with RHEL6. Installation details: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 PHP 5.4.16 Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend…
tedb
  • 61
  • 5
4
votes
1 answer

replace nsICertificateDialogs from firefox extension

I'm trying to replace the nsICertificateDialogs dialog with my own implementation. I already have an extension that handles smime mails from webmail. I want to be able to use the Mozilla cert store with my extension. The only possibility I've found…
David Feurle
  • 2,687
  • 22
  • 38
4
votes
1 answer

NSS Shared DB not working with SunPKCS11

I have configured NSS 3.12.4 to work with my java program using SunPKCS11 provider in FIPS mode and everything works great. Now i am following the steps mentioned in https://blogs.oracle.com/meena/entry/what_s_new_in_nss1 to make NSS work as a…
Atul Soman
  • 4,612
  • 4
  • 30
  • 45
4
votes
1 answer

Building libcurl with nss support

I built the 64-bit version of nss and am trying to use it to build the curl library using the --without-ssl and --with-nss=NSS_ROOT option. During the configure stage, I see the following: checking for PK11_CreateGenericObject in -lnss3...…
Raj
  • 708
  • 3
  • 10
  • 21
4
votes
1 answer

Access Firefox's certificate trust store from Java

I'm almost losing hope on this one. I'm trying to access the Firefox trust store from Java 7 using the NSS libraries that come with the Firefox installation, via PKCS#11. Here is the code: import java.security.KeyStore; import…
Bogdan
  • 1,796
  • 3
  • 15
  • 16
3
votes
1 answer

JSS SSLSocket problem choosing Client Certificate

This is a cross-post from the Mozilla Crypto Dev ML. Hoping that someone on SO has some experience using org.mozilla.jss. Link: JSS - MDN I'm trying to make two separate HTTPS requests to a remote host using two client sockets and two different…
praspa
  • 624
  • 2
  • 7
  • 12
3
votes
2 answers

sssd Error: Could not start TLS encryption. (unknown error code)

I am trying to configure Linux machine authentication with Google secure LDAP, adding the steps below that I have done Added the LDAP client with below permission: Access permission: Entire Domain Read user information: Entire Domain Read group…
Ashwani
  • 485
  • 2
  • 9
  • 23
3
votes
1 answer

nslcd authentication is failing with error "lookup failed: No results returned" for ldap users

I am using nslcd service to authenticate ldap user during SSH login and it is failing with below error nslcd: [16231b] uid=omc,ou=people,ou=accounts,dc=netact,dc=net: lookup failed: No results returned Below is the nslcd debug logs during ldap user…
Nikhil
  • 576
  • 1
  • 11
  • 31
3
votes
0 answers

php curl nss initialize error

I use php curl to visit https website such as "https://api.mch.weixin.qq.com" in a php-fpm environment, the code is:
youly
  • 61
  • 7
1
2
3
11 12