Network Security Services (NSS)#Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. For detailed information on standards supported, see Overview of NSS.
Most people will end up here trying to utilize the cert/6/7/8/.db and/or key3.db files which are part of the NSS framework.
Cert#.db and Key#.db Files#
cert7.db and cert8.db Files#These files hold public certificates of accepted sources.
key3.db#This file hold private keys and certificates.
Putting DER encoded Certificates Into NSS DB files#If the application is using cert8.db files, then the certutil for the platform you are on should be able to to import the DER encoded Certificates directly in to the certificate store.
cert7.db #I know of two methods to add a DER encoded Certificates into NSS the ceert7.db store.
First, requires using OpenSSL and the certutil (utility from NSS). You would use openSSL to convert the DER encoded Certificates into a format like PKCS#12 that you can then use the certutil utility to add the certificate to the NSS db files.
Second, do this:
- download and install the Netscape Browser 4.79 for your platform.
- Copy over the existing cert7.db and key3.db files with the files in the attached zip file.
- Open the Netscape Browser 4.79
- Drop the DER encoded Certificates certificate on the Browser container.
- Accept the prompts as prompted.
- Copy the cert7.db and key3.db files to where you require them.