diff options
Diffstat (limited to 'security/nss/lib/certhigh/ocsp.c')
| -rw-r--r-- | security/nss/lib/certhigh/ocsp.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index 5eb340b28..150977149 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -3704,6 +3704,12 @@ CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle, * used const to convey that it does not modify the name. Maybe someday. */ cert = CERT_FindCertByNickname(handle, (char *) name); + if (cert == NULL) { + /* + * look for the cert on an external token. + */ + cert = PK11_FindCertFromNickname((char *)name, NULL); + } if (cert == NULL) return SECFailure; @@ -3831,6 +3837,10 @@ CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle) */ cert = CERT_FindCertByNickname(handle, statusContext->defaultResponderNickname); + if (cert == NULL) { + cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname, + NULL); + } /* * We should never have trouble finding the cert, because its * existence should have been proven by SetOCSPDefaultResponder. |