forked from nss-dev/nss
-
Notifications
You must be signed in to change notification settings - Fork 0
Debugging NSS
Endi S. Dewata edited this page Jul 23, 2022
·
2 revisions
$ yum install yum-utils $ debuginfo-install nss
The NSS security libraries provide the crypto foundation around which all of the Dogtag services are derived. This section gives example on how to debug NSS (PKCS11) in the Dogtag server.
Find the name of the PKCS #11 module:
$ modutil -list -nocertdb -dbdir /var/lib/pki/pki-tomcat/alias
To debug the client, specify the following environment variables:
$ export NSPR_LOG_MODULES="all:5" $ export NSPR_LOG_FILE="/tmp/pkcs11.log" $ export NSS_DEBUG_PKCS11_MODULE="NSS Internal PKCS #11 Module"
To debug the server, specify the environment variables in /etc/sysconfig/pki-tomcat:
NSPR_LOG_MODULES="all:5" NSPR_LOG_FILE="/tmp/pki-tomcat.log" NSS_DEBUG_PKCS11_MODULE="NSS Internal PKCS #11 Module"
Then start/restart the server:
$ systemctl start pki-tomcatd@pki-tomcat.service
The log messages will be written into the specified log file.