joshuaaa wrote, On 2008-07-22 23:56: > I was under the impression (read somewhere here) that firefox 3 would > allow the cert database to be updated WHILE firefox was running. I'm > getting the same old behavior in FF3. ie. remove cert while firefox is > open, view cert manager and the cert still exists. Have I > misunderstood or am I doing something wrong?
Firefox stores certs in several places, two of which are the built-in list of root CA certs, and the cert DB. The cert DB can be updated, as you suggest, and certs can be deleted. There should be no need to do any restarts after editing the cert DB. However, deleting root CA certs from the built-in list of root certs is not possible. For them, you need to "edit" them and remove the trust flags, rather than try to delete them. > If this behavior is by design, is there a way to tell it to grab a new > instance of the cert store? Any solutions to get around this issue? If you try to delete a root cert from the cert DB, and the root cert is not presently in use (e.g. you're not visiting an SSL server whose cert chain uses it)., the results should be immediate. If they're not, file a bug. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
