Please review the attached patch which addresses the following ticket: * PKI TRAC Ticket #1432 - Certificate nickname improvement <https://fedorahosted.org/pki/ticket/432> This was tested by successfully: * creating a shared PKI instance containing a CA, KRA, OCSP, TKS, and TPS, * creating a separated CA, * creating a separated KRA, * creating a separated OCSP, * creating a separated TKS, * creating a separated TPS, and * installing a FreeIPA instance Detailed contents of the nicknames as they appear in the NSS security databases of both the shared PKI instance as well as each of the separated PKI instances is detailed in the above ticket.