I have an issue with the NSSDB lib and my browsers in which client certificates I use for an application (Nessus Vulnerability Scanner) show up in the list with the same friendly name/nickname, making it very difficult to distinguish which certificate goes with which server.

Each certificate is generated on a different server with a different hostname but the same username. Upon importing the certificate into my browser, or even the pk12util command, the first certificate will appear correctly. However, importing additional certificates will just reuse the nickname from the first certificate instead of the nickname I chose. I have tested many different scenarios, and it doesn't seem the problem is related at all to the content of the nickname, so I have no idea how to force it to work correctly. I've searched around and found some indications of "nickname conflicts" and things, but nothing that helps me resolve the issue. I'm not sure if it's a bug or if it's some weird condition I've encountered.