$ /usr/local/opt/nss/bin/modutil -create -dbdir /tmp/nssdbWARNING: Performin

1. $ /usr/local/opt/nss/bin/modutil -create -dbdir /tmp/nssdb
2.  
3. WARNING: Performing this operation while the browser is running could cause
4. corruption of your security databases. If the browser is currently running,
5. you should exit browser before continuing this operation. Type
6. 'q <enter>' to abort, or <enter> to continue:
7.  
8. Function # Calls Time Avg. % Time
9.  
10. C_Initialize 1 1000us 1000.00us 50.00%
11. C_Finalize 1 1000us 1000.00us 50.00%
12. C_GetInfo 1 0 z 0.00us 0.00%
13. C_GetSlotList 2 0 z 0.00us 0.00%
14. C_GetSlotInfo 2 0 z 0.00us 0.00%
15. C_GetTokenInfo 4 0 z 0.00us 0.00%
16. C_GetMechanismList 6 0 z 0.00us 0.00%
17. C_InitPIN 1 0 z 0.00us 0.00%
18. C_OpenSession 5 0 z 0.00us 0.00%
19. C_CloseSession 3 0 z 0.00us 0.00%
20. C_CloseAllSessions 2 0 z 0.00us 0.00%
21. C_GetSessionInfo 3 0 z 0.00us 0.00%
22. C_Login 1 0 z 0.00us 0.00%
23. C_Logout 1 0 z 0.00us 0.00%
24. C_FindObjectsInit 2 0 z 0.00us 0.00%
25. C_FindObjects 2 0 z 0.00us 0.00%
26. C_FindObjectsFinal 2 0 z 0.00us 0.00%
27.  
28. Totals 39 2000us
29.  
30.  
31. Maximum number of concurrent open sessions: 3
32.  
33. $ /usr/local/opt/nss/bin/pk12util -d /tmp/nssdb -i /tmp/[redacted].p12 -W '[redacted]'
34. pk12util: no nickname for cert in PKCS12 file.
35. pk12util: using nickname: [redacted]
36. pk12util: PKCS12 IMPORT SUCCESSFUL
37. Function # Calls Time Avg. % Time
38.  
39. C_Initialize 1 1000us 1000.00us 10.00%
40. C_Finalize 1 1000us 1000.00us 10.00%
41. C_GetInfo 1 0 z 0.00us 0.00%
42. C_GetSlotList 2 0 z 0.00us 0.00%
43. C_GetSlotInfo 2 0 z 0.00us 0.00%
44. C_GetTokenInfo 2 0 z 0.00us 0.00%
45. C_GetMechanismList 4 0 z 0.00us 0.00%
46. C_OpenSession 21 0 z 0.00us 0.00%
47. C_CloseSession 19 0 z 0.00us 0.00%
48. C_CloseAllSessions 2 0 z 0.00us 0.00%
49. C_GetSessionInfo 1 0 z 0.00us 0.00%
50. C_CreateObject 4 2000us 500.00us 20.00%
51. C_DestroyObject 5 0 z 0.00us 0.00%
52. C_GetAttributeValue 18 0 z 0.00us 0.00%
53. C_SetAttributeValue 1 0 z 0.00us 0.00%
54. C_FindObjectsInit 45 1000us 22.22us 10.00%
55. C_FindObjects 45 0 z 0.00us 0.00%
56. C_FindObjectsFinal 45 0 z 0.00us 0.00%
57. C_DecryptInit 1 0 z 0.00us 0.00%
58. C_DecryptUpdate 2 0 z 0.00us 0.00%
59. C_DigestInit 8 0 z 0.00us 0.00%
60. C_DigestUpdate 8 0 z 0.00us 0.00%
61. C_DigestFinal 8 0 z 0.00us 0.00%
62. C_SignInit 1 0 z 0.00us 0.00%
63. C_SignUpdate 6 0 z 0.00us 0.00%
64. C_SignFinal 1 0 z 0.00us 0.00%
65. C_GenerateKey 5 4000us 800.00us 40.00%
66. C_UnWrapKey 1 1000us 1000.00us 10.00%
67.  
68. Totals 260 10ms
69.  
70.  
71. Maximum number of concurrent open sessions: 5
72.  
73. $ java -Djava.security.debug=sunpkcs11 -cp jetty-all-9.4.19.v20190610-uber.jar:openjsse-1.0.1-SNAPSHOT.jar:. HelloNSS11 '[redacted]'
74. 2019-07-09 08:03:09.704:INFO::main: Logging initialized @166ms to org.eclipse.jetty.util.log.StdErrLog
75. SunPKCS11 loading /tmp/pkcs11.cfg
76. NSS modules: [NSS Internal PKCS #11 Module (CRYPTO, /usr/local/opt/nss/lib/libsoftokn3.dylib, slot 0), NSS Internal PKCS #11 Module (KEYSTORE, /usr/local/opt/nss/lib/libsoftokn3.dylib, slot 1)]
77. sunpkcs11: Initializing PKCS#11 library /usr/local/opt/nss/lib/libsoftokn3.dylib
78. Information for provider SunPKCS11-NSSfips
79. Library info:
80. cryptokiVersion: 2.20
81. manufacturerID: Mozilla Foundation
82. flags: 0
83. libraryDescription: NSS Internal Crypto Services
84. libraryVersion: 3.36
85. All slots: 1, 2
86. Slots with tokens: 1, 2
87. Slot info for slot 2:
88. slotDescription: NSS User Private Key and Certificate Services
89. manufacturerID: Mozilla Foundation
90. flags: CKF_TOKEN_PRESENT
91. hardwareVersion: 3.36
92. firmwareVersion: 0.00
93. Token info for token in slot 2:
94. label: NSS Certificate DB
95. manufacturerID: Mozilla Foundation
96. model: NSS 3
97. serialNumber: 0000000000000000
98. flags: CKF_RNG | CKF_USER_PIN_INITIALIZED | CKF_DUAL_CRYPTO_OPERATIONS | CKF_TOKEN_INITIALIZED
99. ulMaxSessionCount: CK_EFFECTIVELY_INFINITE
100. ulSessionCount: 1
101. ulMaxRwSessionCount: CK_EFFECTIVELY_INFINITE
102. ulRwSessionCount: 0
103. ulMaxPinLen: 255
104. ulMinPinLen: 0
105. ulTotalPublicMemory: 1
106. ulFreePublicMemory: 1
107. ulTotalPrivateMemory: 1
108. ulFreePrivateMemory: 1
109. hardwareVersion: 0.00
110. firmwareVersion: 0.00
111. utcTime: 0000000000000000
112. [...]
113. WARNING: An illegal reflective access operation has occurred
114. WARNING: Illegal reflective access by org.openjsse.sun.security.ssl.OpenJSSE$1 (file:/Users/arthur.ramsey/nss-3.36.0/openjsse-1.0.1-SNAPSHOT.jar) to field sun.security.x509.AlgorithmId.nameTable
115. WARNING: Please consider reporting this to the maintainers of org.openjsse.sun.security.ssl.OpenJSSE$1
116. WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
117. WARNING: All illegal access operations will be denied in a future release
118. sunpkcs11: login operation not required for token - ignoring login request
119. 2019-07-09 08:03:09.914:INFO:oejs.Server:main: jetty-9.4.19.v20190610; built: 2019-06-10T16:30:51.723Z; git: afcf563148970e98786327af5e07c261fda175d3; jvm 11.0.2+9
120. 2019-07-09 08:03:09.948:INFO:oejs.AbstractConnector:main: Started ServerConnector@2f943d71{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}
121. 2019-07-09 08:03:09.951:INFO:oejus.SslContextFactory:main: x509=X509@6a400542([redacted]) for FIPSSslContextFactory@6580cfdd[provider=null,keyStore=null,trustStore=null]
122. 2019-07-09 08:03:10.043:INFO:oejs.AbstractConnector:main: Started ServerConnector@78047b92{SSL,[ssl, http/1.1]}{0.0.0.0:8443}
123. 2019-07-09 08:03:10.043:INFO:oejs.Server:main: Started @507ms