Bug 1227376 - Cannot specify certificates by RFC7512 PKCS#11 URI
Summary: Cannot specify certificates by RFC7512 PKCS#11 URI
Status: CLOSED DUPLICATE of bug 1460051
Alias: None
Product: Fedora
Classification: Fedora
Component: nss
Version: 25
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Kai Engert (:kaie) (inactive account)
QA Contact: Fedora Extras Quality Assurance
Depends On:
Blocks: 1217727 1411345 1520527
TreeView+ depends on / blocked
Reported: 2015-06-02 14:05 UTC by David Woodhouse
Modified: 2018-07-20 13:34 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2017-07-11 13:33:21 UTC
Type: Bug

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Mozilla Foundation 1162897 0 None None None 2016-08-19 15:28:36 UTC

Description David Woodhouse 2015-06-02 14:05:04 UTC
Fedora packaging guidelines state that packages should accept PKCS#11 URIs to specify SSL certificates. NSS doesn't seem to have a way to do this; the best advise for Fedora packages currently linked against NSS is "if you can build against OpenSSL or GnuTLS instead, do so".

Let's fix that...

Comment 1 Jan Kurik 2016-07-26 04:16:03 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 25 development cycle.
Changing version to '25'.

Comment 2 Fedora Admin XMLRPC Client 2016-08-15 15:53:31 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 3 David Woodhouse 2016-08-18 06:39:35 UTC
GSoC student has this basically working. Would desperately love some NSS experts to help refine it for submission...


Comment 4 David Woodhouse 2016-08-19 15:28:37 UTC
First round of patches submitted to http://bugzil.la/1162897

Comment 5 Kai Engert (:kaie) (inactive account) 2017-07-11 13:33:21 UTC
This should be resolved by the upgrade to NSS 3.31, marking as duplicate.

*** This bug has been marked as a duplicate of bug 1460051 ***

Note You need to log in before you can comment on or make changes to this bug.