[prev in list] [next in list] [prev in thread] [next in thread]
List: mozilla-crypto
Subject: Re: This is really driving me insane!
From: "Hal Hildebrand \(web\)" <Hal.Hildebrand () hellblazer ! com ! remove-this ! netscape ! com
Date: 2003-04-16 22:09:06
[Download RAW message or body]
Okay, I finally figured it out.
I had to go in an change the password on the "NSS Certificate DB" token. Why? I \
haven't a clue.
But at least I'm past that and into more generic JCE issues that I know I can solve \
or at least explain.
I know that my problem was mine, and could have been solved by reading some \
documentation that I obviously didn't read.
However, as a small suggestion, in the "Using the JSS" guide, or in the "JCA Provider \
Notes", or somewhere, you have a clear and concise list of what you have to do to get \
things started. The way things are structured, you have to really try to tease out \
the information as to what's required to do just trivially simple things.
I mean, I'm not trying to use this for SSL, just Crypto - as a JCE replacement. Why \
should I be worried about passwords (tell me). Why do I have to set the password \
after creating the databases (tell me). Why should I have to read a document about \
SSL when I'm just trying to deal with the Crypto facilities?
Otherwise, I'm left confused in my naive and dolt-like state.
Sorry for the rant, but it was driving me insane.
> Okay, I cannot figure this out. Could someone please tell me the obvious thing I'm \
> missing here? I have created the db's with modutil as required. I am initializing \
> the JSS with CryptoManager.initialize(configDir). I then try to use this from the \
> JCE interfaces and get:
>
> org.mozilla.jss.crypto.TokenRuntimeException: unable to login to token
> at org.mozilla.jss.provider.java.security.JSSKeyPairGeneratorSpi.generateKeyPair(JSSKeyPairGeneratorSpi.java:85)
>
> If I try the NullPasswordCallback, it fails.
>
> If I list the NSS Internal PKCS #11 Module, I find:
>
> Login Type: Public (no login required)
>
> So why the heck am I getting the error indicating that the module cannot login? \
> What simple and obvious thing am I missing? I
know
> I'm likely a complete dolt and have missed something clearly spelled out, but can \
> anyone lend a hand?
> modutil.exe -dbdir . -list "NSS Internal PKCS #11 Module"
> Using database directory ....
>
> -----------------------------------------------------------
> Name: NSS Internal PKCS #11 Module
> Library file: **Internal ONLY module**
> Manufacturer: mozilla.org
> Description: NSS Internal Crypto Services
> PKCS #11 Version 2.11
> Library Version: 3.8
> Cipher Enable Flags: None
> Default Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS
>
> Slot: NSS Internal Cryptographic Services
> Slot Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS
> Manufacturer: mozilla.org
> Type: Software
> Version Number: 3.8
> Firmware Version: 0.0
> Status: Enabled
> Token Name: NSS Generic Crypto Services
> Token Manufacturer: mozilla.org
> Token Model: NSS 3
> Token Serial Number: 0000000000000000
> Token Version: 4.0
> Token Firmware Version: 0.0
> Access: Write Protected
> Login Type: Public (no login required)
> User Pin: NOT Initialized
>
> Slot: NSS User Private Key and Certificate Services
> Slot Mechanism Flags: None
> Manufacturer: mozilla.org
> Type: Software
> Version Number: 3.8
> Firmware Version: 0.0
> Status: Enabled
> Token Name: NSS Certificate DB
> Token Manufacturer: mozilla.org
> Token Model: NSS 3
> Token Serial Number: 0000000000000000
> Token Version: 8.3
> Token Firmware Version: 0.0
> Access: NOT Write Protected
> Login Type: Login required
> User Pin: NOT Initialized
>
> -----------------------------------------------------------
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic