I am continuing my battle with secure sockets ... rather than starting one
enormous mail thread, I am going to start several mail threads, one per issue
I've found.
This is the first one.
Our code assumes the sql method is available for managing certificates (hope
I've got the terminology wrong).
On at least one platform I have the nss/nspr packages installed, but no sql
method as the following shows:
root@vm04:~# rm -rf /etc/pki; mkdir -p -m 0755 /etc/pki/nssdb
root@vm04:~# certutil -d sql:/etc/pki/nssdb -N -f /tmp/empty
certutil: function failed: security library: bad database.
root@vm04:~# certutil -d /etc/pki/nssdb -N -f /tmp/empty
This is on CentOS 5.9.
I believe we need to do one or more of the following: (a) support methods other
than sql, or (b) provide tighter prerequisites to force the necessary pieces to
be installed, or (c) don't allow a "secure sockets" build unless the platform
supports the sql method, or ...
|