How to use certutil

Issues related to applications and software problems
Post Reply
User avatar
warron.french
Posts: 291
Joined: 2014/03/27 20:21:58

How to use certutil

Post by warron.french » 2018/10/29 23:28:01

I read the manpage for certutil, and tried to execute commands based on my understanding.

Code: Select all

[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/  -L

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/cert8.db  -L
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/cert9.db  -L
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
Am I not supposed to list the cert8.db or cert9.db file? Just the path to the files?

If so, how do you know if Google Chrome (cert9.db) is going to trust a certificate versus Firefox (cert8.db)?

This is a follow-on to my efforts to try and figure out how to holistically approach with as few unique solutions as possible; managing:
1. Citrix Receiver,
2. Google Chrome,
3. Firefox,
4. JAVA certificate truststore
5. System certificate store


Last bumped by warron.french on 2018/10/29 23:28:01.
\\War

Post Reply