diff --git a/Linux/nss_revoke.sh b/Linux/nss_revoke.sh
index 1a7887c6bc99731c37996babce62e9cedaa0b4a3..e6d63ffda6ca8ad66a4b35ba29254b1f8430dae4 100755
--- a/Linux/nss_revoke.sh
+++ b/Linux/nss_revoke.sh
@@ -3,11 +3,20 @@
 DBPATH=$1
 CERTS=$2
 
+
+echo "Resetting CA set"
+RESETS=``
+
+certutil -d sql:${DBPATH} -L | grep -oP "NSS Certificate DB:revoke-china-certs:[^\s]+" | \
+while read CERT;do
+    certutil -d sql:${DBPATH} -D -n "${CERT}"
+done
+
 echo "Revoking CAs in $DBPATH/cert9.db"
 
 for CERT in $CERTS;do
     # p,p,p: prohibit all use
-    certutil -d sql:${DBPATH} -A -n "${CERT}" -t p,p,p -i ${CERT}
+    certutil -d sql:${DBPATH} -A -n "revoke-china-certs:${CERT}" -t p,p,p -i ${CERT}
 done
 
 echo "Done"