Network Security Services (NSS)¶
This NSS documentation was just imported from our legacy MDN repository. It currently is very deprecated and likely incorrect or broken in many places.
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
NSS is available under the Mozilla Public License v2 (MPLv2).
If you’re a developer and would like to contribute to NSS, you might want to read the documents:
- Building NSS
This page contains information how to download, build and test NSS.
This page contains information about recent releases of NSS.
This page contains information about older releases of NSS.
This page contains information about the community and how to reach out.
References below this point are part of the deprecated documentation and will
be ported in the future. You can contribute to refreshing this documentation
by submitting changes directly in the NSS repository (
Provides an overview of the NSS libraries and what you need to know to use them.
Summarizes the SSL APIs exported by the NSS shared libraries.
API used to invoke SSL operations.
Explains how the libraries and code are organized, and guidelines for developing code (naming conventions, error handling, thread safety, etc.)
Links to NSS technical notes, which provide latest information about new NSS features and supplementary documentation for advanced topics in programming with NSS.
Tools, testing, and other technical details
How to make changes in NSS. Coding style, maintaining ABI compatibility.
Tools for developing, debugging, and managing applications that use NSS.
Demonstrates how NSS can be used for cryptographic operations, certificate handling, SSL, etc.
A list of third-party code included in the NSS library.
- NSS 3.2 Test Suite
Archived version. Describes how to run the standard NSS tests.
- NSS Performance Reports
Archived version. Links to performance reports for NSS 3.2 and later releases.
- Encryption Technologies Available in NSS 3.11
Archived version. Lists the cryptographic algorithms used by NSS 3.11.
- NSS 3.1 Loadable Root Certificates
Archived version. Describes the scheme for loading root CA certificates.
Archived version. General format of the cert7.db database.
PKCS #11 information
Using the JAR Installation Manager to Install a PKCS #11 Cryptographic Module
CA certificates pre-loaded into NSS
List of pre-loaded CA certificates
Consumers of this list must consider the trust bit setting for each included root certificate. More Information, Extracting roots and their trust bits
NSS is built on top of Netscape Portable Runtime (NSPR)
NSPR - NSPR project page.
NSPR API Reference - NSPR API documentation.
Information on NSS planning can be found at wiki.mozilla.org, including: