Thanks George, This is indeed the location of cert7.db and key3.db. I was able to get it working by importing the self-signed certificate with pk12util. (ex. pk12util -i servercert.pfx -d C:\Documents and Settings\<username>\.mcc) This might be sufficiently useful for inclusion in the Wiki. George Holbert wrote: > Hi Brian, > When running the console on Unix, these files are created under > $HOME/.mcc. > > ls -l ~/.mcc > total 178 > -rw-r--r-- 1 root other 226 Jan 12 14:27 > Console.4.0.Login.preferences > -rw------- 1 root other 65536 Aug 16 18:32 cert8.db > -rw------- 1 root other 32768 Aug 16 18:32 key3.db > -rw------- 1 root other 32768 Aug 16 18:32 secmod.db > > I'm not sure where this stuff would be created on Windows, but might > be under C:\Documents and Settings\<username>\.mcc ? Just a guess. > > -- George > > > Brian Rudy wrote: >> <snip> >> Since I am using a self-signed certificate on the directory server, >> which would require installation on the client, this all appears to >> make sense. Now for the question: How does one install certificates >> on the client when using JSS/NSPR/NSS as shown in the Wiki? It looks >> like you would need to create your own cert7.db and key3.db with >> certutil, and import the Server-Cert, but I'm a bit confused as to >> where the .db files should be located, and what they should be named. >> >> Has anyone done this who wouldn't mind sharing?
