Comment 57 for bug 1771880

I am personally working on this issue, you can follow my progress on https://gitlab.gnome.org/GNOME/seahorse/-/issues/205

So far it looks like there are a number of bugs; a simplified picture looks something like this:

 seahorse: gcr_import_button_add_parsed() gnome-keyring: gkr-tool-import: on_parser_parsed()
      | |
      | +-------------------+
      | |
      v v
 gcr: gcr_importer_create_for_parsed()
      |
      v
 gcr: iface->create_for_parsed()
      |
      v
 gcr: _gcr_pkcs11_importer_create_for_parsed()
      | ^ |
      v | v
 gcr: list_all_slots() gcr: is_slot_importable() for p11-kit-trust.so
 (loads PKCS#11 modules, (prints: "token is not importable: %s: write protected")
  enumerates their slots)
      | ^ | ^
      v | v | remote procedure call
 p11-kit-trust.so gnome-keyring-pkcs11.so ----------------------> gnome-keyring-daemon
      | ^ (disabled by blacklist) |
      v | v
 trust policy module gnome2-store (I kid you not)
      | ^ |
      v | v
 read-only system CA certificates ~/.local/share/keyrings/user.keystore
 and blacklist (fails to find a section)

Wish me luck...