Jean-Philippe,
On 11/7/2013 23:48, Jean-Philippe Franchini wrote:
Hello,
Our java application generates certificates with the Bouncy Castle library.
When a certificate C1 imported in Firefox is about to expire, the application
can renew it and creates a certificate C2 based on C1 information. The field
values are the same except the serial number and the security keys.
But when importing C2, C1 is not replaced.
Why do you expect C1 to be replaced ?
NSS will handle both certificates. They will show up under the same
nickname, however. All certs with the same subject have the same nickname.
If you want C1 to be replaced, you would have to delete it after C2 is
imported. This is not necessarily what users would want, though. You
could just leave it alone.
Julien
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto