I dont think its the extensions, as the certificate work well, if not stored in hw-token. Here is my CA:
One more question.
At one time, NSS had some problems that occurred when the same cert appeared in multiple tokens. I wonder if that was affecting you.
I wonder if you originally had your personal cert and private key in the "software token", then you exported that key/cert to a PKCS12 file, and transferred it to the HW token, but it was still also in the software token.
Does that sound like a possible explanation?
I'd be interested in knowing if you can reproduce this problem with a new cert DB that has only your root CA cert in it, and an empty key DB.
/Nelson
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
