SSL: Create a cert7.db Certificate Database

The Smart Panda - NSS&NSPRIn the old days of PeopleSoft you needed to create a cert7.db database file in order to do things like LDAPS. However, to create an cert7.db file requires very old software because this format is very uncommon today. I have found you can create a cert7.db file using Netscape v4.7.3 or earlier according to various websites. However, I am very suspect of downloading old versions of software. There is an old toolset NSS (Network Security Services) & NSPR (Netscape Portable Runtime) available from Netscape (Mozilla) which does a nice job in creating the cert7.db.

To download I found you want to get version: NSS v3.4.2 and NSPR v4.1.2 use the Mozilla FTP site:

I unzipped the files to separate directories, and then used a command prompt to setup the PATH to include both directories library’s:


From the \bin directory, we need to run the certutil to create a new NSS Certificate Database:

certutil -N -d c:\temp\certdbfolder

To Add The Root CA Certificate:

certutil -A -n MyCA -d c:\temp\certdbfolder -i CA.cert -t C,C,C

To Add The Server Certificate:

certutil -A -n MyServer -d c:\temp\certdbfolder -i server.cert -t P

In order to use the cert7.db in the PeopleSoft Application Server, depending on your Tools & Application level you will want to put the files cert7.db & key3.db & secmod.db in the Application Server Domain root directory or in a folder “cert” in the root directory.