You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.

Skip to main content

You are here: NSS Security Tools > NSS Security Tools: certutil Tasks

NSS Security Tools: certutil Tasks

Newsgroup: mozilla.dev.tech.crypto
Technical contact: Ian McGreer
Yell at the manager: Bob Lord

Task List

  1. Better error reporting. Most certutil errors provide no detail. Mistakes with command-line options just print a usage message.
  2. Improve certificate listings. Allow for sorting by name and trust. Sorting by trust will return CA certs first.
  3. Allow listing and lookup of keys by index and nickname.
  4. Improve coherence of key and certificate nicknames.
  5. Remove keys "stranded" without a certificate (except for the imminent (????) encryption key for password files).
  6. Support importing keys from a file.
  7. Improve hardware token support.
  8. (bugfix) Some certificate extensions cause certutil to crash.
  9. (bugfix) Certificate entries require a serial number; one should be generated automatically if not provided.
  10. (bugfix) Null password is given to new key3.db; should prompt user for an initial password.
  11. (bugfix) Listing provate keys does not work: requires password authentication.
  12. (bugfix) Listing certificate extensions has typos and does not provide much information.