Code: Select all
[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/ -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/cert8.db -L
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
[root@wfrench-logsvr ~]# certutil -d /etc/pki/nssdb/cert9.db -L
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
If so, how do you know if Google Chrome (cert9.db) is going to trust a certificate versus Firefox (cert8.db)?
This is a follow-on to my efforts to try and figure out how to holistically approach with as few unique solutions as possible; managing:
1. Citrix Receiver,
2. Google Chrome,
3. Firefox,
4. JAVA certificate truststore
5. System certificate store