Thanks for your input, currently I'm trying to get it working with the
description supplied here.
Am 27.09.2010 22:38, schrieb Howard Chu:
doesn't seem to be a configure switch to enable NSS, like with Gnutls or
There is no switch for it at this time.
And that is because currently MozNSS cannot be used transparently as a
drop-in replacement for OpenSSL or GnuTLS. Once the MozNSS folks get
their PEM handler into their mainline code, it ought to work reasonably
transparently, and at that point we may provide a configure switch for
it. For now, we do not endorse or support it.
Perhaps I can give you some additional reason to support NSS: MozNSS has
the "certdb thing" and PKCS11 support. We (that is my company: kernel
concepts) want to get evolution's ldap backend to support client side
certificates from software and hardware tokens and that is exactly, what
MozNSS provides out of the box. OpenSSL currently lacks PKCS11 support
completely (AFAIK) and Gnutls support for PKCS11 is very new, so our
goal is, to get everything we need out of NSS.