Jean-Marc Desperrier wrote:
Wan-Teh Chang wrote:
If you would like to see this fix in NSS 3.9.1, please add a comment in Bug 53133 and we can work with John Myers to get his fix into the right NSS cvs branch.
I did that, and I could also verify it as fixed in the Mozilla trunk.
[...] I suspect you would need to delete the old certificate and install the certificate again with the new binaries of NSS 3.9.1 (or 3.10) that has the fix for bug 53133.
This sounds bad :-(, because it seems the certs affected by this problem can't be backuped (see dependant bug 217305)
Here is what I would do : 1) backup your cert8.db and key3.db files 2) remove your key3.db 3) delete the cert in current Mozilla 4) upgrade to the NSS version that fixes the problem 5) restore your old key3.db 6) reimport your public cert from the CA
This should preserve the private key in key3.db, and is probably the only way to do it if the key was generated in the token (not escrowed by the CA), and you were unable to back it up yourself.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
