This is indeed the location of cert7.db and key3.db. I was able to get
it working by importing the self-signed certificate with pk12util. (ex.
pk12util -i servercert.pfx -d C:\Documents and Settings\<username>\.mcc)
This might be sufficiently useful for inclusion in the Wiki.
George Holbert wrote:
When running the console on Unix, these files are created under
ls -l ~/.mcc
-rw-r--r-- 1 root other 226 Jan 12 14:27
-rw------- 1 root other 65536 Aug 16 18:32 cert8.db
-rw------- 1 root other 32768 Aug 16 18:32 key3.db
-rw------- 1 root other 32768 Aug 16 18:32 secmod.db
I'm not sure where this stuff would be created on Windows, but might
be under C:\Documents and Settings\<username>\.mcc ? Just a guess.
Brian Rudy wrote:
> Since I am using a self-signed certificate on the directory server,
> which would require installation on the client, this all appears to
> make sense. Now for the question: How does one install certificates
> on the client when using JSS/NSPR/NSS as shown in the Wiki? It looks
> like you would need to create your own cert7.db and key3.db with
> certutil, and import the Server-Cert, but I'm a bit confused as to
> where the .db files should be located, and what they should be named.
> Has anyone done this who wouldn't mind sharing?