fixes revoke script to remove certs first

Linux/nss_revoke.sh

@@ -3,11 +3,20 @@
 DBPATH=$1
 CERTS=$2
 
+
+echo "Resetting CA set"
+RESETS=``
+
+certutil -d sql:${DBPATH} -L | grep -oP "NSS Certificate DB:revoke-china-certs:[^\s]+" | \
+while read CERT;do
+    certutil -d sql:${DBPATH} -D -n "${CERT}"
+done
+
 echo "Revoking CAs in $DBPATH/cert9.db"
 
 for CERT in $CERTS;do
     # p,p,p: prohibit all use
-    certutil -d sql:${DBPATH} -A -n "${CERT}" -t p,p,p -i ${CERT}
+    certutil -d sql:${DBPATH} -A -n "revoke-china-certs:${CERT}" -t p,p,p -i ${CERT}
 done
 
 echo "Done"