java sunpkcs11

SunPKCS11 is removing duplicate key entries


I'm using the SunPKCS11 security provider to store key entries (certificate + private key) into an nShield HSM using the setKeyEntry method, but when I store the same certificate with different aliases the first one is removed from the HSM. I've tested with soft HSM too but I get the same behaviour.

I found this in PKCS#11 Reference Guide but I'm not storing CA certificates, they are user certificates:

"If a CA certificate is already in the token, a duplicate is not stored."

Is it possible to store the same certificate (and private key) with different aliases using the SunPKCS11 security provider?


Solution

  • It's a Sun PKCS#11 implementation bug:

    https://bugs.openjdk.org/browse/JDK-8264099

    Additionally, I am forced to use a vendor-specific implementation to avoid performance issues.