Network Security Services (NSS)


This NSS documentation was just imported from our legacy MDN repository. It currently is very deprecated and likely incorrect or broken in many places.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

NSS is available under the Mozilla Public License v2 (MPLv2).

If you’re a developer and would like to contribute to NSS, you might want to read the documents:

Getting Started

Building NSS

This page contains information how to download, build and test NSS.


This page contains information about recent releases of NSS.


This page contains information about older releases of NSS.


This page contains information about the community and how to reach out.


References below this point are part of the deprecated documentation and will be ported in the future. You can contribute to refreshing this documentation by submitting changes directly in the NSS repository (nss/doc/rst).



Provides an overview of the NSS libraries and what you need to know to use them.


Summarizes the SSL APIs exported by the NSS shared libraries.


API used to invoke SSL operations.


Explains how the libraries and code are organized, and guidelines for developing code (naming conventions, error handling, thread safety, etc.)


Links to NSS technical notes, which provide latest information about new NSS features and supplementary documentation for advanced topics in programming with NSS.

Tools, testing, and other technical details


How to make changes in NSS. Coding style, maintaining ABI compatibility.


Tools for developing, debugging, and managing applications that use NSS.


Demonstrates how NSS can be used for cryptographic operations, certificate handling, SSL, etc.


A list of third-party code included in the NSS library.

NSS 3.2 Test Suite

Archived version. Describes how to run the standard NSS tests.

NSS Performance Reports

Archived version. Links to performance reports for NSS 3.2 and later releases.

Encryption Technologies Available in NSS 3.11

Archived version. Lists the cryptographic algorithms used by NSS 3.11.

NSS 3.1 Loadable Root Certificates

Archived version. Describes the scheme for loading root CA certificates.


Archived version. General format of the cert7.db database.

PKCS #11 information

CA certificates pre-loaded into NSS

NSS is built on top of Netscape Portable Runtime (NSPR)

Additional Information

  • Using the window.crypto object from JavaScript

  • mozilla_projects_nss_http_delegation

  • mozilla_projects_nss_tls_cipher_suite_discovery

  • mozilla_projects_nss_certificate_download_specification

  • mozilla_projects_nss_fips_mode_-_an_explanation

  • mozilla_projects_nss_key_log_format


Information on NSS planning can be found at, including: