Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 23:35:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e483585f05
gecko-dev/security/nss/lib/ckfw/builtins
History
Franziskus Kiefer 6d466422fe Bug 1334127 - land NSS 01d6c0dff06f, r=me 
--HG--
extra : rebase_source : 37ce5889894c3a0208c91c2fa254ab6a8c9ba080
2017-02-13 14:27:06 +01:00
..
anchor.c Bug 1245053, Upgrade Mozilla 47 to use NSS 3.23, land RC0, r=me 2016-02-26 11:23:11 +01:00
bfind.c Bug 1245053, Upgrade Mozilla 47 to use NSS 3.23, land RC0, r=me 2016-02-26 11:23:11 +01:00
binst.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
bobject.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
bsession.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
bslot.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
btoken.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
builtins.gyp Bug 1305970 - land NSS 0x0c845c900217, r=me 2016-10-15 08:45:05 +02:00
builtins.h Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
certdata.perl Bug 1305970 - land NSS 0x0c845c900217, r=me 2016-10-15 08:45:05 +02:00
certdata.txt Bug 1334127 - land NSS 01d6c0dff06f, r=me 2017-02-13 14:27:06 +01:00
ckbiver.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
config.mk Bug 1304919 - Update NSS to trunk, r=ekr 2016-09-26 10:47:58 +10:00
constants.c Bug 1228410, land NSS 3.22 Beta 2, r=nss-confcall 2016-01-25 16:14:18 +01:00
exports.gyp Bug 1317947 - land NSS 0x5b7a40ced8c5, r=me 2016-11-16 14:06:23 +01:00
Makefile Bug 1305970 - land NSS 0x0c845c900217, r=me 2016-10-15 08:45:05 +02:00
manifest.mn
nssckbi.def
nssckbi.h Bug 1317947 - land NSS ee21c9892907, r=me 2017-01-21 14:23:56 +01:00
nssckbi.rc
README

README 

This README file explains how to add a builtin root CA certificate to NSS
or remove a builtin root CA certificate from NSS.

The builtin root CA certificates in NSS are stored in the nssckbi PKCS #11
module. The sources to the nssckbi module are in this directory.

I. Adding a Builtin Root CA Certificate

You need to use the addbuiltin command-line tool to add a root CA certificate
to the nssckbi module. In the procedure described below, we assume that the
new root CA certificate is distributed in DER format in the file newroot.der.

1. Add the directory where the addbuiltin executable resides to your PATH
environment variable. Then, add the directory where the NSPR and NSS shared
libraries (DLLs) reside to the platform-specific environment variable that
specifies your shared library search path: LD_LIBRARY_PATH (most Unix
variants), SHLIB_PATH (32-bit HP-UX), LIBPATH (AIX), or PATH (Windows).

2. Copy newroot.der to this directory.

3. In this directory, run addbuiltin to add the new root certificate. The
argument to the -n option should be replaced by the nickname of the root
certificate.

    % addbuiltin -n "Nickname of the Root Certificate" -t C,C,C < newroot.der >> certdata.txt

4. Edit nssckbi.h to bump the version of the module.

5. Run gmake in this directory to build the nssckbi module.

6. After you verify that the new nssckbi module is correct, check in
certdata.txt and nssckbi.h.

II. Removing a Builtin Root CA Certificate

1. Change directory to this directory.

2. Edit certdata.txt and remove the root CA certificate.

3. Edit nssckbi.h to bump the version of the module.

4. Run gmake in this directory to build the nssckbi module.

5. After you verify that the new nssckbi module is correct, check in
certdata.txt and nssckbi.h.