Hi folks,
I'm trying to retrieve certificates from nss databases but i'm getting "Token Alias Map: [empty]" from debug whem i run keystore.load().
I have two client certificates installed in these databases as follow:
camweb@desenv:~/.local/share/serpro/assinadoc$ certutil -L -d nss/
Certificate Nickname Trust Attributes (SSL,S/MIME,JAR/XPI)
Autoridade Certificadora Raiz de Homologacao SERPRO - ICP-Brasil ,,
Autoridade Certificadora Intermediaria HOMv2 - ICP-Brasil ,,
Autoridade Certificadora ACSERPRORFBv3 Homologacao ,,
{BD10CF8C-F2CC-446C-9BE3-E0B15ADF5454} u,u,u
le-77f31ffd-c6f6-4d2b-a8f6-eed87ce29f4d u,u,u
The private keys is available:
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services"
< 0> rsa 779cf0fa73c6109bc27bc6c35a28f5224f23f019 le-77f31ffd-c6f6-4d2b-a8f6-eed87ce29f4d
< 1> rsa 4c3f5d54c953387da2cc4447ac075666560a0be4 {BD10CF8C-F2CC-446C-9BE3-E0B15ADF5454}
Here's my config file passed to SunPKCS11's constructor:
name=System-nss
nssLibraryDirectory=/home/camweb/.local/share/serpro/assinadoc/nss
nssSecmodDirectory=/home/camweb/.local/share/serpro/assinadoc/nss
nssDbMode=readWrite
nssModule=keystore
And here some code (briefly described):
construtor = Class.forName("sun.security.pkcs11.SunPKCS11").getConstructor(new Class[] { String.class });
Provider provider = (Provider) construtor.newInstance(new Object[] { myConfigFileLocation })
Security.addProvider(provider);
//here's some omitted code to login but there's no password for access the key store. Debug returns sunpkcs11: login operation not required for token - ignoring login request
KeyStore keystorePKCS11 = keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-System-nss");
keyStore.load(null, null); //DEBUG: Token Alias Map: [empty]
Can anyone help me?
Thanks in advance.