nss_initialize failed. certificate database /etc/httpd/alias

Discussion:

(too old to reply)

Robert Daniels

2015-01-12 17:09:03 UTC

We changed our NSS database to use the newer sqlite certificate store. We modified wsgi-sfapi.conf from:

NSSCertificateDatabase /etc/httpd/alias

to

NSSCertificateDatabase sql:/etc/httpd/alias

Restarting the server showed errors:

"Unable to change directory to sql:/etc/httpd/alias"

and

NSS_Initialize failed. Certificate database: /etc/httpd/alias.
SSL Library Error: -8038

Double checked permissions they are all the same prior to the change:

-rw-r----- root apache cert9.db
-rw-r----- root apache key4.db

Not sure what the issue is.

Robert Daniels

2015-01-12 19:12:59 UTC

Permalink

I should add we also have SELinux enabled. Using RHEL 6.6

Robert Daniels

2015-01-29 14:25:56 UTC

Permalink

Post by Robert Daniels
NSSCertificateDatabase /etc/httpd/alias
to
NSSCertificateDatabase sql:/etc/httpd/alias
"Unable to change directory to sql:/etc/httpd/alias"
and
NSS_Initialize failed. Certificate database: /etc/httpd/alias.
SSL Library Error: -8038
-rw-r----- root apache cert9.db
-rw-r----- root apache key4.db
Not sure what the issue is.

FYI - This was found to be an issue with RHEL 6.6, which does not support the newer nss db. Redhat has hinted it will be supported in a newer release, tbd.