Hi! I am using opensaml on our webapplication. It works fine when I am using the default java security provider. However, I am having an exceptions if I change the java security provider to PKCS11 (SunPKCS11-NSS). I tried to trace the java code and seems like it is failing because all the trusted root certificates that I added on the NSS keystore seems to have the same CKA_LABEL.
I am using using certutil to add a new root certificate on my NSS keystore. I am specifying a unique nickname for every ceriticate. I am not sure if it is possible to set the CKA_LABEL. If yes, please let me know how to do it. Thanks in advance! Eric -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
