Log in

No account? Create an account

Previous Entry | Next Entry

Originally published at Lost Entropy. Please leave any comments there.

Just over a year ago, I created a bunch of SSL certs following the instructions here: http://www.devklog.net/2008/05/25/generating-ssl-certificates-that-will-make-firefox-3-happy/

I’m having some interesting problems creating a new certificate to replace an expired one.

When I created a new certificate (as a leaf of a self-signed CA cert), to replace the expired leaf, I got a message saying that the certificate already existed.

I backed up and then deleted the expired cert and tried again, to no avail.

I saw this old thread which seems related to the problems I’m having, but the solutions there didn’t help me (I’m already manually picking serial numbers in the format yyyymmddnn, where nn is the number of certificates I’ve created that day, and deleting the Certificate Authority folder from Application Support in my home library didn’t make a difference either).

Anyone else had similar trouble? How did you resolve it?