forked from nss-dev/nss
-
Notifications
You must be signed in to change notification settings - Fork 0
NSS Tools
Endi S. Dewata edited this page Jul 22, 2022
·
1 revision
$ dnf install nss-tools
See certutil.
See modutil.
To export a certificate, its key, and the certificate chain from NSS database into a PKCS #12 file:
$ pk12util \ -d <NSS database> \ -K <NSS password> \ -o <PKCS #12 file> \ -W <PKCS #12 password> \ -n <nickname>
See also PKI PKCS12 CLI.
Start ssltap:
$ ssltap -sxl $HOSTNAME:8443
Then use a browser to open port 1924.
To run an SSL server:
$ /usr/lib64/nss/unsupported-tools/selfserv -d nssdb -n sslserver -p 8443 -w Secret.123 -V tls1.0:tls1.2
To run an SSL client:
$ /usr/lib64/nss/unsupported-tools/tstclnt -d nssdb -b -V tls1.0:tls1.2 -C -h $HOSTNAME -p 8443
To display cipher suites:
$ /usr/lib64/nss/unsupported-tools/listsuites