I’ve seen now there is a trust command (from “p11-kit-trust” package) which manage the only CA system storage. My question is: is “certutil” command (which is designed to manage NSS-based certificates) still useful for something “trust” command can’t yet do, now Fedora uses an unified CA system storage where NSS libraries should rely upon??
Are "nss-tools" package (and specifically "certutil" command) no more used in Fedora 30 onwards?
I’ve got the answer: “trust” command is for system-wide CA certificates BD (which Firefox imports from /usr/share/p11/… and uses), but “certutil” is for user-only CA/server certificates BD (which is located in cert9.db file, inside Firefox’s user profile)
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.