How to configure applications to use Gnome Keyring certificates and keys

WARNING: the documentation on this page is very old and probably doesn't work anymore.

For most of these you need the NSS tools installed. These will probably come packaged with your distro (called 'libnss3-tools' or something like that).

Please, notice that this feature is still experimental and may have bugs.

Epiphany

• This sets up a pointer in the Epiphany certificate db which refers to the gnome-keyring certificate/key store.

• You need the NSS modutil tool installed.

• Close all epiphany windows.

  $ modutil -add gnome-keyring -libfile /usr/lib/gnome-keyring/gnome-keyring-pkcs11.so -mechanisms RSA:DSA -dbdir ~/.gnome2/epiphany/

Firefox

• This sets up a pointer in the Firefox certificate db which refers to the gnome-keyring certificate/key store.

• You need the NSS modutil tool installed.

• Close all firefox windows.

  $ modutil -add gnome-keyring -libfile /usr/lib/gnome-keyring/gnome-keyring-pkcs11.so -mechanisms RSA:DSA -dbdir ~/.mozilla/firefox/*.default/

Evolution

• This sets up a pointer in the Evolution certificate db which refers to the gnome-keyring certificate/key store.

• You need the NSS modutil tool installed.

• Close all evolution windows.

  $ bonobo-slay; modutil -add gnome-keyring -libfile /usr/lib/gnome-keyring/gnome-keyring-pkcs11.so -mechanisms RSA:DSA -dbdir ~/.evolution/

Subversion

• You need Subversion trunk using neon >= 0.28 built against GnuTLS >= 1.7.17 and pakchois

• Edit ~/.subversion/servers, and add either to the global section or a specific group:

  • ssl-pkcs11-provider = gnome-keyring

Unconfiguring applications not to use Gnome Keyring anymore

To go back, just type the command replacing '-add' with '-delete'.