Julien Pierre wrote:
There is no API to do this directly, but it's possible. However, it'll
take some work. Try the following :
1) read and backup the DER cert (or certs, if you have multiple with the
same subject name) from the DB . There is a "SECItem derCert" field in
the CERTCertificate structure to get at it .
If you have trust, use CERT_GetCertTrust to save it also.
2) delete the cert(s) from the DB . Use SEC_DeletePermCertificate .
3) import the cert(s) with a new nickname . Use CERT_ImportCerts to do
this.
If you have trust, use CERT_ChangeCertTrust to restore it .
Might be worth coding this up to save some of the manual effort of doing
each P12 with KeyMan. If I do, I'll post it up here so you all can
laugh at my awful C coding :).
Dave
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
