nss

cURL not working (Error #77) for SSL connections on CentOS for non-root users

by

I just had a similar problem with Error#77 on CentOS7. I was missing the softlink /etc/pki/tls/certs/ca-bundle.crt that is installed with the ca-certificates RPM. ‘curl’ was attempting to open this path to get the Certificate Authorities. I discovered with: strace curl https://example.com and saw clearly that the open failed on that link. My fix was: yum … Read more

What is the difference between a PKCS12 keystore and a PKCS11 keystore?

by

PKCS#12 is a file format (often called .p12 or .pfx) where you can store a private key and certificates. It’s used for converting/transporting keys and certificates, mainly. If you export a private key + certificate from your browser, it’s likely going to be in that format. PKCS#11 is an interface, usually used to talk to … Read more