cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: libcurl 7.21.4 with NSS

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Sat, 19 Feb 2011 09:37:49 +0100

On Saturday 19 February 2011 01:36:35 valli.natarajan_at_emc.com wrote:
> I just managed to build libcurl 7.21.4 with NSS version 3.12.9. My test
> program works fine (connects to secured appserver that is running on remote
> machine) only when there is no /etc/pki/nssdb directory exists in the
> machine. Otherwise, I'm getting error "NSS error -8187", the NSS error 8187
> means SEC_ERROR_INVALID_ARGS (Security library: invalid arguments). Here is
> more info
>
> Trying xx.x.xx.xx...
> connected
>
> Connected to myserver.domain.com (xx.x.xx.xx) port 9302 (#0)
>
> Initializing NSS with certpath: /etc/pki/nssdb
>
> Unable to initialize NSS database
>
> NSS error -8187
>
> Closing connection #0
>
> Problem with the SSL CA cert (path? access rights?)
>
> Any ideas to resolve or workaround this issue?

You can provide another path to NSS database by the SSL_DIR environment
variable. Alternatively, if /etc/pki/nssdb (the path is hardcoded) does
not exist, NSS starts with no database. But that's probably not what you
want to do. I suggest to create a new database:

# certutil -N -d PATH_TO_NSS_DATABASE

http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html

What system are you actually running on?

Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-02-19