Open
Bug 291394
Opened 19 years ago
Updated 2 years ago
certutil -D should allow selecting specific cert to delete by serial #
Categories
(NSS :: Tools, enhancement, P4)
Tracking
(Not tracked)
NEW
People
(Reporter: julien.pierre, Unassigned)
Details
When deleting a certificate, only a nickname can be passed in to certutil with -n. In many cases (eg. cert renewals), there are multiple certificates under a given nickname. But customers only want to delete a specific one. certutil currently will only delete one certificate under the specified nickname, and uses a non-deterministic method to select which one. I propose that : - we add an option serial number option to be used in conjunction with -D and -n, to select a specific cert by serial number - if a serial number isn't passed in certutil should always look for multiple cert under the given nickname, and if it finds more than one, should prompt the user if he wants to delete all of them at once. I realize there could still be two certs with the same subject and serial number if they were from different issuers, but I don't think it's common enough to warrant passing an additional issuer argument to differentiate them in this case. We would just delete all the certs match the serial # specified if there is more than one.
Reporter | ||
Updated•19 years ago
|
Severity: normal → enhancement
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
Updated•18 years ago
|
Assignee: wtchang → nobody
QA Contact: jason.m.reid → tools
Updated•18 years ago
|
Priority: -- → P4
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•