On 23 , 19:57, Nelson B <[EMAIL PROTECTED]> wrote: > Andrei Korostelev wrote: > > On Jul 23, 7:42 am, Nelson Bolyard <[EMAIL PROTECTED]> > > wrote: > >> Andrei Korostelev wrote: > >>> After importing a certificate into the Firefox either using > >>> certutil.exe utility or programatically using NSS API > >>> (P12U_ImportPKCS12Object / PK11_ImportCert), I can see that the > >>> certificate has been successfully imported (%certutils.exe -L) , > >>> however Firefox does not display it (Tools->Options->Advanced->View > >>> Certificates) until I restart the browser. > >> Have you tried closing the Certificate Manager window, and reopening > >> that window? > > >>> I am wondering is it a way to instruct the already running Firefox to > >>> reload its security database (containing certs) without restarting it > >>> (e.g. this happens when I import cert. from Firefox UI)? > >> /Nelson > > > Of course I did. It does not refresh the cert list. > > You can easily try it yourself: > > // add certificate > > %certutil.exe -A -i <CertPath> -n <CertName> -d <FirefoxProfileDir> -t > > "C,C,C" > > // list certificates > > %certutil -L -d <FirefoxProfileDir> > > // remove certificate > > %certutil -D -n <CertName> -d <FirefoxProfileDir> > > Wait, you're running certutil on the browser's DB while the browser is > running? That's absolutely not supported in any current release of NSS. > NSS's DB code cannot be safely used by more than one process on the same > DB at the same time EXCEPT in the case where ALL the simultaneous users > have the DB open read-only, which the browser never does. > > The problem is worse than mere lack of coherence (the problem you reported). > You can easily corrupt the DB by operating on it while the browser is > running. > > -- > Nelson B
This is what I've found out at the moment: http://groups.google.com/group/mozilla.dev.apps.firefox/browse_thread/thread/3eb07a7c454d72c0/# _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
