[Pki-devel] Need help to store NSS DB response error message in variable using shell script

[SAURAV .]

Hi Dev Team,

I am writing a shell script for adding and deleting certificate in NSS DB
at system level.

I have a question that if I have to delete the CA certificate from NSS DB
and suppose if its CRL file

is also stored in DB, so I am thinking to delete the CRL file first and
then CA certificate from NSS

DB, for deleting the CRL we will use crlutil command and lets assume that
if I have to

delete CA certificate from NSS DB and its CRL file is not store there but
delete command of CRL

file has to execute before executing the delete command certificate. If CRL
is not there then in

command prompt it will show database error message that
SEC_ERROR_CRL_NOT_FOUND: No

matching CRL was found. So my question is that can I get this error message
in variable to check

and log it. I have executed code like this to store the response of crlutil
delete command but it has

directly printed on console. Below command I have used

result=$(crlutil -D -d sql:/etc/pki/nssdb -n "Nickname").

If it possible to store response error message then please guide me so that
I can use it in my code.

Regards,
Saurav
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20170510/29823f32/attachment.htm>