I have a program that creates a custom certificate pool in several steps, loading various certificates that have different levels of access to the resources in the program. I would like to use one of the earlier stages as a separate certificate pool to ensure that only certificates from that pool can access a particular port.

Unfortunately the best solution seems to be to load the certificates twice since there is no way to clone pools. I see this has been suggested a number of times before, although each time the particular application suggested has been solved by a different method. The code to do this is already there in the copy method: I'm just suggesting we upper-case it.

See the very closely related:
#24540