Nalin Dahyabhai <firstname.lastname@example.org>
On Wed, May 23, 2007 at 11:13:34AM -0500, Mike McGrath wrote:
> Ahh, so this does actually prevent you from importing into firefox? We
> can fix this but its just a matter of time to do it. We're actually
> already working on the second iteration of the accounts system and we
> may have better luck fixing it there. The current code base can be
> found here though:
If I've already imported the CA certificate, it does prevent me from
importing my certificate.
Okay, I think I see the problem. If I'm reading it right, gen-cert.cgi
creates a new "serial" file for every certificate issued. OpenSSL
usually increments the value in that file when you issue a new
certificate, so preserving either the file or its contents between runs
should solve the problem.
I'm afraid I don't know enough about how the system is deployed to offer
suggestions about where to do that, though.