head 1.63; access; symbols pkgsrc-2026Q1:1.62.0.2 pkgsrc-2026Q1-base:1.62 pkgsrc-2025Q4:1.61.0.2 pkgsrc-2025Q4-base:1.61 pkgsrc-2025Q3:1.59.0.2 pkgsrc-2025Q3-base:1.59 pkgsrc-2025Q2:1.58.0.6 pkgsrc-2025Q2-base:1.58 pkgsrc-2025Q1:1.58.0.4 pkgsrc-2025Q1-base:1.58 pkgsrc-2024Q4:1.58.0.2 pkgsrc-2024Q4-base:1.58 pkgsrc-2024Q3:1.57.0.2 pkgsrc-2024Q3-base:1.57 pkgsrc-2024Q2:1.54.0.2 pkgsrc-2024Q2-base:1.54 pkgsrc-2024Q1:1.53.0.2 pkgsrc-2024Q1-base:1.53 pkgsrc-2023Q4:1.52.0.2 pkgsrc-2023Q4-base:1.52 pkgsrc-2023Q3:1.51.0.2 pkgsrc-2023Q3-base:1.51 pkgsrc-2023Q2:1.50.0.2 pkgsrc-2023Q2-base:1.50 pkgsrc-2023Q1:1.49.0.4 pkgsrc-2023Q1-base:1.49 pkgsrc-2022Q4:1.49.0.2 pkgsrc-2022Q4-base:1.49 pkgsrc-2022Q3:1.46.0.2 pkgsrc-2022Q3-base:1.46 pkgsrc-2022Q2:1.45.0.6 pkgsrc-2022Q2-base:1.45 pkgsrc-2022Q1:1.45.0.4 pkgsrc-2022Q1-base:1.45 pkgsrc-2021Q4:1.45.0.2 pkgsrc-2021Q4-base:1.45 pkgsrc-2021Q3:1.42.0.6 pkgsrc-2021Q3-base:1.42 pkgsrc-2021Q2:1.42.0.4 pkgsrc-2021Q2-base:1.42 pkgsrc-2021Q1:1.42.0.2 pkgsrc-2021Q1-base:1.42 pkgsrc-2020Q4:1.41.0.2 pkgsrc-2020Q4-base:1.41 pkgsrc-2020Q3:1.39.0.4 pkgsrc-2020Q3-base:1.39 pkgsrc-2020Q2:1.39.0.2 pkgsrc-2020Q2-base:1.39 pkgsrc-2020Q1:1.34.0.2 pkgsrc-2020Q1-base:1.34 pkgsrc-2019Q4:1.34.0.4 pkgsrc-2019Q4-base:1.34 pkgsrc-2019Q3:1.33.0.4 pkgsrc-2019Q3-base:1.33 pkgsrc-2019Q2:1.33.0.2 pkgsrc-2019Q2-base:1.33 pkgsrc-2019Q1:1.32.0.10 pkgsrc-2019Q1-base:1.32 pkgsrc-2018Q4:1.32.0.8 pkgsrc-2018Q4-base:1.32 pkgsrc-2018Q3:1.32.0.6 pkgsrc-2018Q3-base:1.32 pkgsrc-2018Q2:1.32.0.4 pkgsrc-2018Q2-base:1.32 pkgsrc-2018Q1:1.32.0.2 pkgsrc-2018Q1-base:1.32 pkgsrc-2017Q4:1.31.0.6 pkgsrc-2017Q4-base:1.31 pkgsrc-2017Q3:1.31.0.4 pkgsrc-2017Q3-base:1.31 pkgsrc-2017Q2:1.30.0.2 pkgsrc-2017Q2-base:1.30 pkgsrc-2017Q1:1.26.0.2 pkgsrc-2017Q1-base:1.26 pkgsrc-2016Q4:1.23.0.4 pkgsrc-2016Q4-base:1.23 pkgsrc-2016Q3:1.23.0.2 pkgsrc-2016Q3-base:1.23 pkgsrc-2016Q2:1.22.0.4 pkgsrc-2016Q2-base:1.22 pkgsrc-2016Q1:1.22.0.2 pkgsrc-2016Q1-base:1.22 pkgsrc-2015Q4:1.21.0.2 pkgsrc-2015Q4-base:1.21 pkgsrc-2015Q3:1.20.0.2 pkgsrc-2015Q3-base:1.20 pkgsrc-2015Q2:1.18.0.2 pkgsrc-2015Q2-base:1.18 pkgsrc-2015Q1:1.17.0.2 pkgsrc-2015Q1-base:1.17 pkgsrc-2014Q4:1.15.0.4 pkgsrc-2014Q4-base:1.15 pkgsrc-2014Q3:1.15.0.2 pkgsrc-2014Q3-base:1.15 pkgsrc-2014Q2:1.13.0.4 pkgsrc-2014Q2-base:1.13 pkgsrc-2014Q1:1.13.0.2 pkgsrc-2014Q1-base:1.13 pkgsrc-2013Q4:1.12.0.8 pkgsrc-2013Q4-base:1.12 pkgsrc-2013Q3:1.12.0.6 pkgsrc-2013Q3-base:1.12 pkgsrc-2013Q2:1.12.0.4 pkgsrc-2013Q2-base:1.12 pkgsrc-2013Q1:1.12.0.2 pkgsrc-2013Q1-base:1.12 pkgsrc-2012Q4:1.9.0.2 pkgsrc-2012Q4-base:1.9 pkgsrc-2012Q3:1.8.0.10 pkgsrc-2012Q3-base:1.8 pkgsrc-2012Q2:1.8.0.8 pkgsrc-2012Q2-base:1.8 pkgsrc-2012Q1:1.8.0.6 pkgsrc-2012Q1-base:1.8 pkgsrc-2011Q4:1.8.0.4 pkgsrc-2011Q4-base:1.8 pkgsrc-2011Q3:1.8.0.2 pkgsrc-2011Q3-base:1.8 pkgsrc-2011Q2:1.6.0.6 pkgsrc-2011Q2-base:1.6 pkgsrc-2011Q1:1.6.0.4 pkgsrc-2011Q1-base:1.6 pkgsrc-2010Q4:1.6.0.2 pkgsrc-2010Q4-base:1.6 pkgsrc-2010Q3:1.4.0.6 pkgsrc-2010Q3-base:1.4 pkgsrc-2010Q2:1.4.0.4 pkgsrc-2010Q2-base:1.4 pkgsrc-2010Q1:1.4.0.2 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.3.0.2 pkgsrc-2009Q4-base:1.3 pkgsrc-2009Q3:1.2.0.16 pkgsrc-2009Q3-base:1.2 pkgsrc-2009Q2:1.2.0.14 pkgsrc-2009Q2-base:1.2 pkgsrc-2009Q1:1.2.0.12 pkgsrc-2009Q1-base:1.2 pkgsrc-2008Q4:1.2.0.10 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.8 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.6 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.4 pkgsrc-2008Q2-base:1.2 cwrapper:1.2.0.2 pkgsrc-2008Q1:1.1.1.1.0.6 pkgsrc-2008Q1-base:1.1.1.1 pkgsrc-2007Q4:1.1.1.1.0.4 pkgsrc-2007Q4-base:1.1.1.1 pkgsrc-2007Q3:1.1.1.1.0.2 pkgsrc-2007Q3-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.63 date 2026.05.01.08.56.36; author wiz; state Exp; branches; next 1.62; commitid afkLN6m2p247E5EG; 1.62 date 2026.03.01.10.03.42; author wiz; state Exp; branches; next 1.61; commitid ORVH8h0VjKDHYfwG; 1.61 date 2025.11.01.22.44.26; author wiz; state Exp; branches; next 1.60; commitid psLTnnPIyTnO2UgG; 1.60 date 2025.09.30.16.07.39; author wiz; state Exp; branches; next 1.59; commitid B311XLQVo25qSKcG; 1.59 date 2025.07.19.20.10.09; author wiz; state Exp; branches; next 1.58; commitid QLmNVyNmtfj3zo3G; 1.58 date 2024.12.07.11.18.30; author wiz; state Exp; branches; next 1.57; commitid zDmFILotfRIbPyAF; 1.57 date 2024.09.15.10.35.00; author wiz; state Exp; branches; next 1.56; commitid 0zKwq8VQySJifTpF; 1.56 date 2024.08.31.18.41.27; author wiz; state Exp; branches; next 1.55; commitid 3yYEavGKAIikq0oF; 1.55 date 2024.07.03.06.06.30; author wiz; state Exp; branches; next 1.54; commitid nlz6ExBgqpYW8mgF; 1.54 date 2024.06.09.22.25.11; author wiz; state Exp; branches; next 1.53; commitid W5DOeNnDPiVBkmdF; 1.53 date 2024.02.20.16.51.44; author jperkin; state Exp; branches; next 1.52; commitid v1NXo5tu6O2j1cZE; 1.52 date 2023.11.25.10.32.24; author wiz; state Exp; branches; next 1.51; commitid 2ydg9lSM1ffGIYNE; 1.51 date 2023.08.12.07.05.17; author wiz; state Exp; branches; next 1.50; commitid OsshbWqDDNpRWsAE; 1.50 date 2023.06.01.13.20.40; author wiz; state Exp; branches; next 1.49; commitid ZsyWsaKZlgM9lfrE; 1.49 date 2022.12.04.16.12.46; author wiz; state Exp; branches; next 1.48; commitid xEEqvGM9CEaU2g4E; 1.48 date 2022.12.04.16.09.47; author wiz; state Exp; branches; next 1.47; commitid tHKtueA8cSUU1g4E; 1.47 date 2022.12.01.12.55.36; author wiz; state Exp; branches; next 1.46; commitid I2CeZsyY7Thg3R3E; 1.46 date 2022.07.03.10.16.57; author wiz; state Exp; branches; next 1.45; commitid 08WvaStI2srL1rKD; 1.45 date 2021.10.14.12.42.16; author wiz; state Exp; branches; next 1.44; commitid ETuSRdDsaQHIfMcD; 1.44 date 2021.10.14.07.35.54; author tron; state Exp; branches; next 1.43; commitid SHYyFj0vYyoxyKcD; 1.43 date 2021.10.14.07.21.43; author tron; state Exp; branches; next 1.42; commitid oJUQ86SVlVQJtKcD; 1.42 date 2021.01.11.22.50.37; author wiz; state Exp; branches; next 1.41; commitid 7fUgX6DToHHuumDC; 1.41 date 2020.11.29.06.18.17; author dogcow; state Exp; branches; next 1.40; commitid O8Qj27IkhuFznKxC; 1.40 date 2020.11.27.16.18.35; author gdt; state Exp; branches; next 1.39; commitid g8t6MVHFZk60LxxC; 1.39 date 2020.06.12.10.35.11; author maya; state Exp; branches; next 1.38; commitid 8J2bZ5Cl8t9egVbC; 1.38 date 2020.06.02.22.32.02; author jperkin; state Exp; branches; next 1.37; commitid lqBXsjERgijuyHaC; 1.37 date 2020.05.30.22.39.08; author tnn; state Exp; branches; next 1.36; commitid IMhoIYtelzVRGjaC; 1.36 date 2020.05.30.12.55.46; author tnn; state Exp; branches; next 1.35; commitid 9RoeXj5z6l9nsgaC; 1.35 date 2020.03.30.16.38.03; author gdt; state Exp; branches; next 1.34; commitid zgtwdk0hyx8bEr2C; 1.34 date 2019.12.07.18.29.31; author sevan; state Exp; branches; next 1.33; commitid xTSiriBBk38UUNNB; 1.33 date 2019.05.12.19.19.27; author maya; state Exp; branches; next 1.32; commitid 4uLTOQl4hgzEUWmB; 1.32 date 2018.03.04.01.42.31; author ryoon; state Exp; branches; next 1.31; commitid VHLBo9GKc3x125tA; 1.31 date 2017.07.06.00.58.35; author gdt; state Exp; branches; next 1.30; commitid KdRZ9hakrddyw6Yz; 1.30 date 2017.06.22.00.30.10; author gdt; state Exp; branches; next 1.29; commitid cMmPu2fgkoosPiWz; 1.29 date 2017.06.19.00.37.48; author gdt; state Exp; branches; next 1.28; commitid CX8Vy4LLgQisWUVz; 1.28 date 2017.06.19.00.32.37; author gdt; state Exp; branches; next 1.27; commitid 0tZi6OYmFaHHVUVz; 1.27 date 2017.06.19.00.10.21; author gdt; state Exp; branches; next 1.26; commitid 6MlgMz6xeYvBMUVz; 1.26 date 2017.03.15.18.52.55; author jperkin; state Exp; branches 1.26.2.1; next 1.25; commitid 2j6dd1HxQPQJ6GJz; 1.25 date 2017.03.03.15.46.27; author bsiegert; state Exp; branches; next 1.24; commitid qxXUIN3Bbpf8s7Iz; 1.24 date 2017.02.03.09.56.49; author maya; state Exp; branches; next 1.23; commitid g3kq1V5EKOHgquEz; 1.23 date 2016.07.21.12.37.43; author wiz; state Exp; branches; next 1.22; commitid Ef2uHPcZAIzBEbfz; 1.22 date 2016.02.06.10.22.54; author tron; state Exp; branches; next 1.21; commitid MYpoIQduYA9HeQTy; 1.21 date 2015.10.18.19.24.39; author tnn; state Exp; branches; next 1.20; commitid 3303qKbbNa6vNCFy; 1.20 date 2015.09.12.13.06.13; author tnn; state Exp; branches; next 1.19; commitid 6A9COyx6byE9SXAy; 1.19 date 2015.09.11.20.32.33; author tnn; state Exp; branches; next 1.18; commitid 5x4MUchRLr12nSAy; 1.18 date 2015.04.18.20.11.35; author dholland; state Exp; branches; next 1.17; commitid nPZMZAT6Hf30X6iy; 1.17 date 2015.02.16.13.09.10; author tnn; state Exp; branches; next 1.16; commitid 8XGtr8jjby8xzeay; 1.16 date 2015.01.27.13.53.06; author jperkin; state Exp; branches; next 1.15; commitid fzEoXjLkPh7BsF7y; 1.15 date 2014.09.06.08.03.00; author wiz; state Exp; branches; next 1.14; commitid LVHQxbdLvgkt7gPx; 1.14 date 2014.08.25.08.34.44; author mlelstv; state Exp; branches; next 1.13; commitid nqdZ5adjerq9GINx; 1.13 date 2014.03.03.06.01.26; author obache; state Exp; branches; next 1.12; commitid 41ZT2BbCE3xqsdrx; 1.12 date 2013.03.15.16.14.55; author bsiegert; state Exp; branches; next 1.11; 1.11 date 2013.03.15.12.36.25; author fhajny; state Exp; branches; next 1.10; 1.10 date 2013.01.31.09.39.00; author wiz; state Exp; branches; next 1.9; 1.9 date 2012.10.23.18.16.36; author asau; state Exp; branches; next 1.8; 1.8 date 2011.09.08.19.46.01; author drochner; state Exp; branches; next 1.7; 1.7 date 2011.08.31.11.42.43; author drochner; state Exp; branches; next 1.6; 1.6 date 2010.11.13.21.09.03; author shattered; state Exp; branches; next 1.5; 1.5 date 2010.10.22.10.41.49; author wiz; state Exp; branches; next 1.4; 1.4 date 2010.03.21.16.29.43; author wiz; state Exp; branches; next 1.3; 1.3 date 2009.11.03.02.43.55; author wiz; state Exp; branches; next 1.2; 1.2 date 2008.06.22.23.05.00; author joerg; state Exp; branches; next 1.1; 1.1 date 2007.09.20.20.02.53; author jlam; state Exp; branches 1.1.1.1; next ; 1.26.2.1 date 2017.06.21.18.45.27; author bsiegert; state Exp; branches; next ; commitid rJHHO4n2sWgcVgWz; 1.1.1.1 date 2007.09.20.20.02.53; author jlam; state Exp; branches; next ; desc @@ 1.63 log @mozilla-rootcerts*: update to data from 20260412 @ text @# $NetBSD: Makefile,v 1.62 2026/03/01 10:03:42 wiz Exp $ # # Please also update the dependency pattern in mozilla-rootcerts-openssl # and bump its version when updating this package. DISTNAME= mozilla-rootcerts-1.1.${CERTDATA_DATE} CATEGORIES= security MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/${CERTDATA_COMMIT}/security/nss/lib/ckfw/builtins/certdata.txt EXTRACT_SUFX= # empty DISTFILES= ${CERTDATA} MAINTAINER= pkgsrc-users@@NetBSD.org HOMEPAGE= https://hg.mozilla.org/mozilla-central/log/tip/security/nss/lib/ckfw/builtins/certdata.txt COMMENT= Root CA certificates from the Mozilla Project LICENSE= mpl-2.0 USE_TOOLS= awk:run echo:run expr:run ln:run ls:run openssl:run rm:run mkdir:run # This must be kept in sync with security/mozilla-rootcerts-openssl CERTDATA_DATE= 20260412 CERTDATA_COMMIT= 489c4f70f0fd7eca111c3a9369aa17b5ca4e0641 CERTDATA= certdata-${CERTDATA_DATE}.txt WRKSRC= ${WRKDIR} DATADIR= ${PREFIX}/share/${PKGBASE} # Set paths depending on whether we depend on builtin or pkgsrc # openssl. \todo Arguably, we should consider installing into both # builtin and pkgsrc, if both exist, but this requires much more # thought. CHECK_BUILTIN.openssl= yes .include "../../security/openssl/builtin.mk" CHECK_BUILTIN.openssl= no .if ${USE_BUILTIN.openssl:U:tl} == yes SSLDIR= /etc/openssl .else SSLDIR= ${PKG_SYSCONFDIR}/openssl .endif CERT_SCRIPT= mozilla-rootcerts.sh SUBST_CLASSES= paths SUBST_MESSAGE.paths= Replacing hard-coded paths. SUBST_STAGE.paths= post-configure SUBST_FILES.paths= ${CERT_SCRIPT} SUBST_VARS.paths= AWK DATADIR ECHO EXPR LN LS MKDIR PREFIX RM SH SSLDIR SUBST_SED.paths= -e 's,@@OPENSSL@@,${TOOLS_PATH.openssl},g' INSTALLATION_DIRS= sbin ${DATADIR} share/doc/${PKGBASE} do-extract: ${CP} ${FILESDIR}/${CERT_SCRIPT} ${WRKSRC} ${CP} ${DISTDIR}/${CERTDATA} ${WRKSRC}/certdata.txt do-build: ${MKDIR} ${WRKSRC}/certs cd ${WRKSRC}/certs && \ ${SH} ${WRKSRC}/${CERT_SCRIPT} -f ${WRKSRC}/certdata.txt extract ${LS} -rt ${WRKSRC}/certs/*.pem | ${XARGS} ${CAT} >${WRKSRC}/cacert.pem do-install: ${INSTALL_SCRIPT} ${WRKSRC}/${CERT_SCRIPT} \ ${DESTDIR}${PREFIX}/sbin/mozilla-rootcerts ${INSTALL_DATA} ${WRKSRC}/certdata.txt ${DESTDIR}${DATADIR}/certdata.txt ${INSTALL_DATA} ${WRKSRC}/cacert.pem ${DESTDIR}${DATADIR}/cacert.pem ${INSTALL_DATA} files/gnupg2 ${DESTDIR}${PREFIX}/share/doc/${PKGBASE} .include "../../mk/bsd.pkg.mk" @ 1.62 log @mozilla-rootcerts*: update to 2026-02-11 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.61 2025/11/01 22:44:26 wiz Exp $ d20 2 a21 2 CERTDATA_DATE= 20260211 CERTDATA_COMMIT= a98694eb4685b1ab689278aaffc98188634992a8 @ 1.61 log @mozilla-rootcerts*: update to 2025-10-29 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.60 2025/09/30 16:07:39 wiz Exp $ d20 2 a21 2 CERTDATA_DATE= 20251029 CERTDATA_COMMIT= 389b94c9230fdb44b7be2628fd6047b4a07e1be7 @ 1.60 log @*: use ${DESTDIR}${PREFIX} instead of ${DESTDIR}/${PREFIX} @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.59 2025/07/19 20:10:09 wiz Exp $ d20 2 a21 2 CERTDATA_DATE= 20250711 CERTDATA_COMMIT= 31349b12ded3cac7b80d69bb3d8382c13d62ce63 @ 1.59 log @mozilla-rootcerts*: update to 1.1.20250711/2.19 About a year of certificate changes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.58 2024/12/07 11:18:30 wiz Exp $ d66 1 a66 1 ${INSTALL_DATA} files/gnupg2 ${DESTDIR}/${PREFIX}/share/doc/${PKGBASE} @ 1.58 log @mozilla-rootcerts: update to 1.1.20241118. Some certificates removed. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.57 2024/09/15 10:35:00 wiz Exp $ d20 2 a21 2 CERTDATA_DATE= 20241118 CERTDATA_COMMIT= fc857d1685f9cd017a2cf656a52d871b02a4cc89 @ 1.57 log @mozilla-rootcerts: fix trust handling Suggested and reviewed by riastradh. Bump version. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.56 2024/08/31 18:41:27 wiz Exp $ d20 3 a22 3 CERTDATA_DATE= 20240827 CERTDATA_COMMIT= 9727cd2f7983d01cc4fd3b5ef21b72fc8f6a052a CERTDATA= certdata-${CERTDATA_DATE}.txt @ 1.56 log @mozilla-rootcerts*: update to 20240827 There were no PLIST changes to mozilla-rootcerts-openssl when I tested it locally. I hope it stays this way... @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.55 2024/07/03 06:06:30 wiz Exp $ d6 1 a6 1 DISTNAME= mozilla-rootcerts-1.0.${CERTDATA_DATE} @ 1.55 log @mozilla-rootcerts*: update to 20240702 distrust added for one certificate, dated 20240630 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.54 2024/06/09 22:25:11 wiz Exp $ d20 2 a21 2 CERTDATA_DATE= 20240702 CERTDATA_COMMIT= e3195e969188a333692e5e366d6fda6bb8d7c761 @ 1.54 log @mozilla-rootcerts*: update to 20240607/2.15 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.53 2024/02/20 16:51:44 jperkin Exp $ d20 2 a21 2 CERTDATA_DATE= 20240607 CERTDATA_COMMIT= c0ee6408f6b87494cd318cb5144a6cd81e721b86 @ 1.53 log @mozilla-rootcerts*: Update to 20240214 data. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.52 2023/11/25 10:32:24 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/bfb3a675d0569b740fe865ad6d2ac70f22163e98/security/nss/lib/ckfw/builtins/certdata.txt d20 2 a21 1 CERTDATA_DATE= 20240214 @ 1.52 log @mozilla-rootcerts*: update to 20231115 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.51 2023/08/12 07:05:17 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/a3dd112b0ed075be924f114a490abaeb9d7c3cd6/security/nss/lib/ckfw/builtins/certdata.txt d20 1 a20 1 CERTDATA_DATE= 20231115 @ 1.51 log @mozilla-rootcerts: update to 1.0.20230720. Matches nss 3.92beta1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.50 2023/06/01 13:20:40 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/60b731ed0b92d1f2f7d80dfc54f71fcfecb8ff49/security/nss/lib/ckfw/builtins/certdata.txt d20 1 a20 1 CERTDATA_DATE= 20230720 @ 1.50 log @mozilla-rootcert*: update to 20230505 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.49 2022/12/04 16:12:46 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/f241a7ae4dc848614a68c2f94054121e441ae7a5/security/nss/lib/ckfw/builtins/certdata.txt d20 1 a20 1 CERTDATA_DATE= 20230505 @ 1.49 log @mozilla-rootcerts*: use updated distfile, ride bump @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.48 2022/12/04 16:09:47 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/fc546cbeb1cc7a486bc5147bcff3a879374cf213/security/nss/lib/ckfw/builtins/certdata.txt d20 1 a20 1 CERTDATA_DATE= 20221204 @ 1.48 log @mozilla-rootcerts*: update to 20221204 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2022/12/01 12:55:36 wiz Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/8a140b71769579902156914a69ba4849c5598db3/security/nss/lib/ckfw/builtins/certdata.txt d33 1 a33 1 .if !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) @ 1.47 log @mozilla-rootcerts*: update to 20220913 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.46 2022/07/03 10:16:57 wiz Exp $ d20 1 a20 1 CERTDATA_DATE= 20220913 @ 1.46 log @mozilla-rootcerts*: update to 20220614 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.45 2021/10/14 12:42:16 wiz Exp $ d20 1 a20 1 CERTDATA_DATE= 20220614 @ 1.45 log @mozilla-rootcerts: mention mozilla-rootcerts-openssl more prominently @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2021/10/14 07:35:54 tron Exp $ d8 1 a8 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/330c22fc463e2de39cae6b9f4c7e91dd6c255931/security/nss/lib/ckfw/builtins/certdata.txt d20 1 a20 1 CERTDATA_DATE= 20210916 @ 1.44 log @mozilla-rootcerts: Use date of the last change as the version number @ text @d1 4 a4 1 # $NetBSD: Makefile,v 1.43 2021/10/14 07:21:43 tron Exp $ @ 1.43 log @mozilla-rootcerts: update to 20211014 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.42 2021/01/11 22:50:37 wiz Exp $ d17 1 a17 1 CERTDATA_DATE= 20211014 @ 1.42 log @mozilla-rootcerts: update to 20201204 data @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.41 2020/11/29 06:18:17 dogcow Exp $ d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/bc61343b5d6809a99d3ca2daf25708f069b042c2/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20201204 @ 1.41 log @bump mozilla-rootcerts to 20201102 of certdata.txt @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.40 2020/11/27 16:18:35 gdt Exp $ d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/24aaf5d4c68bccf698870752ca00e2c8952032f8/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20201102 @ 1.40 log @mozilla-rootcerts: Move MESSAGE content into documentation Drop MESSAGE content pointing out mozilla-rootcerts-openssl that is duplicative with DESCR. Move MESSAGE content about installation for gnupg2 into a documentation file; this is simply normal documentation about how to use an installed package. Mention this documentation in DESCR, so that prospective users get the right sense of what the package can do. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.39 2020/06/12 10:35:11 maya Exp $ a3 1 PKGREVISION= 2 d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/4f0b2cc28b1482e285bcfceec472a568f3843299/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20200529 @ 1.39 log @mozilla-rootcerts*: remove Kamu SM from the list of certificates. Mozilla only trusts this for Turkish domains, see: https://wiki.mozilla.org/CA/Additional_Trust_Changes And users of mozilla-rootcerts likely don't implement the same fine-grained trust. Proposed on tech-pkg @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.38 2020/06/02 22:32:02 jperkin Exp $ d4 1 a4 1 PKGREVISION= 1 d46 1 a46 1 INSTALLATION_DIRS= sbin ${DATADIR} d63 1 @ 1.38 log @mozilla-rootcerts: Ensure script uses correct SH. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.37 2020/05/30 22:39:08 tnn Exp $ d4 1 @ 1.37 log @mozilla-rootcerts: silence pkglint warning about inconsistent patch name @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.36 2020/05/30 12:55:46 tnn Exp $ d42 1 a42 1 SUBST_VARS.paths= AWK DATADIR ECHO EXPR LN LS MKDIR PREFIX SSLDIR RM @ 1.36 log @mozilla-rootcerts: update to 20200529 pkgsrc changes: Delete roots which expired today or earlier: C = SE, O = AddTrust AB, OU = AddTrust TTP Network, CN = AddTrust Class 1 CA Root C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root C = NL, O = Staat der Nederlanden, CN = Staat der Nederlanden Root CA - G2 Upstream changes: 1618404 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Symantec root 1621159 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Consorci AOC, GRCA, and SK ID root certs. r=jcj @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2020/03/30 16:38:03 gdt Exp $ d49 1 a49 1 ${CP} ${DISTDIR}/${CERTDATA} ${WRKSRC} d54 1 a54 1 ${SH} ${WRKSRC}/${CERT_SCRIPT} -f ${WRKSRC}/${CERTDATA} extract d60 1 a60 1 ${INSTALL_DATA} ${WRKSRC}/${CERTDATA} ${DESTDIR}${DATADIR}/certdata.txt @ 1.35 log @mozilla-rootcerts: Cope with missing certs dir While the certs dir should exist, pkg_delete of mozilla-rootcerts-openssl currently removes it, despite it not having been created by the corresponding pkg_add. Instead of failing if the directory does not exist, simply emit a warning and create it. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2019/12/07 18:29:31 sevan Exp $ a3 1 PKGREVISION= 1 d5 2 a6 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/491b05117886ece80b94c88f7107e6e12c1394be/security/nss/lib/ckfw/builtins/certdata.txt a7 1 EXTRACT_SUFX= # empty d17 1 a17 1 CERTDATA_DATE= 20191207 @ 1.34 log @Update to the latest certdata.txt version available in Mozilla repo. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2019/05/12 19:19:27 maya Exp $ d4 1 @ 1.33 log @mozilla-rootcerts*: update to the latest certdata.txt commit. Let's call this 20190306, as that's the date of the commit. Most notably, this adds support for Let's Encrypt (ISRG Root X1). Changes: +# Certificate "Certigna Root CA" +# Certificate "GTS Root R1" +# Certificate "GTS Root R2" +# Certificate "GTS Root R3" +# Certificate "GTS Root R4" +# Certificate "GlobalSign Root CA - R6" +# Certificate "Hongkong Post Root CA 3" +# Certificate "ISRG Root X1" +# Certificate "OISTE WISeKey Global Root GC CA" +# Certificate "UCA Extended Validation Root" +# Certificate "UCA Global G2 Root" +# Certificate "emSign ECC Root CA - C3" +# Certificate "emSign ECC Root CA - G3" +# Certificate "emSign Root CA - C1" +# Certificate "emSign Root CA - G1" -# Certificate "AC Raiz Certicamara S.A." -# Certificate "Certplus Root CA G1" -# Certificate "Certplus Root CA G2" -# Certificate "ComSign CA" -# Certificate "ISRG Root X1" -# Certificate "OpenTrust Root CA G1" -# Certificate "OpenTrust Root CA G2" -# Certificate "OpenTrust Root CA G3" -# Certificate "S-TRUST Universal Root CA" -# Certificate "TC TrustCenter Class 3 CA II" -# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" -# Certificate "Visa eCommerce Root" @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2018/03/04 01:42:31 ryoon Exp $ d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/f84b1b428d4298326511fbdb527c0029e5cdf638/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20190306 @ 1.32 log @Update to 1.0.20180111 * Based on NSS 3.35 beta 1 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2017/07/06 00:58:35 gdt Exp $ d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/92dcb99abd05/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20180111 @ 1.31 log @Regularize path subsitution and use PREFIX Use PREFIX rather than LOCALBASE. What matters is where this packages prefix is, not anything else. Substitute all paths the same way, assigning to sh variables in one place, alphabetically, and then using them. Sort list of substituted variables alphabetically also, so it's easier to review the code. No functional change for any reasonable configuration. Based on a suggestion by J. Lewis Muir on pkgsrc-users. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.30 2017/06/22 00:30:10 gdt Exp $ a3 1 PKGREVISION= 6 d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/052b90b5414f/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20170121 @ 1.30 log @Add comment about multiple install locations This package installs into either the builtin openssl or the pkgsrc one, depending on which is chosen. However, that's not obviously right (while also not obviously wrong). If there are two versions of of openssl, perhaps both should have certificates configured. Or perhaps not -- this simply adds a comment that the issue bears thinking about. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2017/06/19 00:37:48 gdt Exp $ d4 1 a4 1 PKGREVISION= 5 d43 1 a43 1 SUBST_VARS.paths= AWK ECHO EXPR LN LOCALBASE LS RM DATADIR MKDIR SSLDIR @ 1.29 log @Revert touching of openssl config file Earlier, code was added to "touch $conffile" to work around openssl issuing a warning if openssl.conf was not present. This is problematic because if the warning is appropriate, 1) we have no way of knowing that an empty config file is correct and 2) we should not silence it. If the warning is buggy, then openssl and/or the base system should be fixed. Further, this code changes the modification date of the config file on every run, even when there is a valid config file. (There was no discussion prior, three objections and no concurrences, and no response, so reverting seems ok.) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2017/06/19 00:32:37 gdt Exp $ d24 4 a27 1 # Set paths depending on whether we depend on builtin or pkgsrc openssl. @ 1.28 log @Rationalize directory handling around ca-certificates.crt Now, ca-certificates.crt is always in the main certs dir, because we have been careful about builtin vs pkgsrc paths. So the directory must exist (because it was checked earlier). Instead, check for the ca-certificates.crt file existing. Add more questioning comments. Based on a patch by J. Lewis Muir. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2017/06/19 00:10:21 gdt Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.27 log @Substitute path to openssl more thoroughly This package can depend on builtin openssl or pkgsrc openssl. However, it had paths from the base system hardcoded. Be more thorough about using builtin vs pkgsrc paths. This is a minimal change to use builtin/pkgsrc paths; future commits will note latent issues uncovered in the process. Based on a report to pkgsrc-users by J. Lewis Muir. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2017/03/15 18:52:55 jperkin Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.26 log @Limit broken openssl.cnf handling to NetBSD only after no response from bsiegert@@. There's no reason to pollute other operating systems. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2017/03/03 15:46:27 bsiegert Exp $ d4 1 a4 1 PKGREVISION= 2 d24 1 d29 1 a29 1 SSLDIR= /etc/openssl/certs d31 1 a31 1 SSLDIR= ${PKG_SYSCONFDIR}/openssl/certs @ 1.26.2.1 log @Pullup ticket #5488 - requested by sevan security/mozilla-rootcerts: build fix Revisions pulled up: - security/mozilla-rootcerts/Makefile 1.27-1.29 - security/mozilla-rootcerts/files/mozilla-rootcerts.sh 1.14-1.18 --- Module Name: pkgsrc Committed By: gdt Date: Mon Jun 19 00:10:21 UTC 2017 Modified Files: pkgsrc/security/mozilla-rootcerts: Makefile pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh Log Message: Substitute path to openssl more thoroughly This package can depend on builtin openssl or pkgsrc openssl. However, it had paths from the base system hardcoded. Be more thorough about using builtin vs pkgsrc paths. This is a minimal change to use builtin/pkgsrc paths; future commits will note latent issues uncovered in the process. Based on a report to pkgsrc-users by J. Lewis Muir. --- Module Name: pkgsrc Committed By: gdt Date: Mon Jun 19 00:20:15 UTC 2017 Modified Files: pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh Log Message: Add comments questioning many things Describe issues with touching the config file and the spurious directory check surrounding ca-certificates.crt. --- Module Name: pkgsrc Committed By: gdt Date: Mon Jun 19 00:32:38 UTC 2017 Modified Files: pkgsrc/security/mozilla-rootcerts: Makefile pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh Log Message: Rationalize directory handling around ca-certificates.crt Now, ca-certificates.crt is always in the main certs dir, because we have been careful about builtin vs pkgsrc paths. So the directory must exist (because it was checked earlier). Instead, check for the ca-certificates.crt file existing. Add more questioning comments. Based on a patch by J. Lewis Muir. --- Module Name: pkgsrc Committed By: gdt Date: Mon Jun 19 00:37:48 UTC 2017 Modified Files: pkgsrc/security/mozilla-rootcerts: Makefile pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh Log Message: Revert touching of openssl config file Earlier, code was added to "touch $conffile" to work around openssl issuing a warning if openssl.conf was not present. This is problematic because if the warning is appropriate, 1) we have no way of knowing that an empty config file is correct and 2) we should not silence it. If the warning is buggy, then openssl and/or the base system should be fixed. Further, this code changes the modification date of the config file on every run, even when there is a valid config file. (There was no discussion prior, three objections and no concurrences, and no response, so reverting seems ok.) --- Module Name: pkgsrc Committed By: gdt Date: Mon Jun 19 00:39:53 UTC 2017 Modified Files: pkgsrc/security/mozilla-rootcerts/files: mozilla-rootcerts.sh Log Message: Adjust comments around ca-certificates.crt (Ride earlier PKGREVISION.) @ text @d1 1 a1 1 # $NetBSD$ d4 1 a4 1 PKGREVISION= 5 a23 1 # Set paths depending on whether we depend on builtin or pkgsrc openssl. d28 1 a28 1 SSLDIR= /etc/openssl d30 1 a30 1 SSLDIR= ${PKG_SYSCONFDIR}/openssl @ 1.25 log @Create /etc/openssl/openssl.cnf if it does not exist. Otherwise, there is one nonsensical warning on every openssl invocation. I have seen dozens of recipes for NetBSD setups, and each one cargo-cults a "touch openssl.cnf" against that noise. Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2017/02/03 09:56:49 maya Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.24 log @mozilla-rootcerts: update to 052b90b5414f (commit at 2017-01-21) mozilla-rootcerts-openssl: catch up closest thing to a changelog: diff -u certdata-20160610.txt certdata-20170121.txt | grep '# ' -# Certificate "Equifax Secure CA" -# Issuer: OU=Equifax Secure Certificate Authority,O=Equifax,C=US -# Serial Number: 903804111 (0x35def4cf) -# Subject: OU=Equifax Secure Certificate Authority,O=Equifax,C=US -# Not Valid Before: Sat Aug 22 16:41:51 1998 -# Not Valid After : Wed Aug 22 16:41:51 2018 -# Fingerprint (MD5): 67:CB:9D:C0:13:24:8A:82:9B:B2:17:1E:D1:1B:EC:D4 -# Fingerprint (SHA1): D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A -# Trust for Certificate "Equifax Secure CA" -# Issuer: OU=Equifax Secure Certificate Authority,O=Equifax,C=US -# Serial Number: 903804111 (0x35def4cf) -# Subject: OU=Equifax Secure Certificate Authority,O=Equifax,C=US -# Not Valid Before: Sat Aug 22 16:41:51 1998 -# Not Valid After : Wed Aug 22 16:41:51 2018 -# Fingerprint (MD5): 67:CB:9D:C0:13:24:8A:82:9B:B2:17:1E:D1:1B:EC:D4 -# Fingerprint (SHA1): D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A # Distrust "Distrust a pb.com certificate that does not comply with the baseline requirements." # Issuer: OU=Equifax Secure Certificate Authority,O=Equifax,C=US # Serial Number: 1407252 (0x157914) -# Certificate "Verisign Class 3 Public Primary Certification Authority" -# Issuer: OU=Class 3 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Serial Number:70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf -# Subject: OU=Class 3 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon Jan 29 00:00:00 1996 -# Not Valid After : Tue Aug 01 23:59:59 2028 -# Fingerprint (MD5): 10:FC:63:5D:F6:26:3E:0D:F3:25:BE:5F:79:CD:67:67 -# Fingerprint (SHA1): 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2 -# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority" -# Issuer: OU=Class 3 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Serial Number:70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf -# Subject: OU=Class 3 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon Jan 29 00:00:00 1996 -# Not Valid After : Tue Aug 01 23:59:59 2028 -# Fingerprint (MD5): 10:FC:63:5D:F6:26:3E:0D:F3:25:BE:5F:79:CD:67:67 -# Fingerprint (SHA1): 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2 -# Certificate "Verisign Class 2 Public Primary Certification Authority - G2" -# Issuer: OU=VeriSign Trust Network,OU="(c) 1998 VeriSign, Inc. - For authorized use only",OU=Class 2 Public Primary Certification Authority - G2,O="VeriSign, Inc.",C=US -# Serial Number:00:b9:2f:60:cc:88:9f:a1:7a:46:09:b8:5b:70:6c:8a:af -# Subject: OU=VeriSign Trust Network,OU="(c) 1998 VeriSign, Inc. - For authorized use only",OU=Class 2 Public Primary Certification Authority - G2,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon May 18 00:00:00 1998 -# Not Valid After : Tue Aug 01 23:59:59 2028 -# Fingerprint (MD5): 2D:BB:E5:25:D3:D1:65:82:3A:B7:0E:FA:E6:EB:E2:E1 -# Fingerprint (SHA1): B3:EA:C4:47:76:C9:C8:1C:EA:F2:9D:95:B6:CC:A0:08:1B:67:EC:9D -# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G2" -# Issuer: OU=VeriSign Trust Network,OU="(c) 1998 VeriSign, Inc. - For authorized use only",OU=Class 2 Public Primary Certification Authority - G2,O="VeriSign, Inc.",C=US -# Serial Number:00:b9:2f:60:cc:88:9f:a1:7a:46:09:b8:5b:70:6c:8a:af -# Subject: OU=VeriSign Trust Network,OU="(c) 1998 VeriSign, Inc. - For authorized use only",OU=Class 2 Public Primary Certification Authority - G2,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon May 18 00:00:00 1998 -# Not Valid After : Tue Aug 01 23:59:59 2028 -# Fingerprint (MD5): 2D:BB:E5:25:D3:D1:65:82:3A:B7:0E:FA:E6:EB:E2:E1 -# Fingerprint (SHA1): B3:EA:C4:47:76:C9:C8:1C:EA:F2:9D:95:B6:CC:A0:08:1B:67:EC:9D # Certificate "GlobalSign Root CA" # Issuer: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE -# Certificate "Equifax Secure Global eBusiness CA" +# Certificate "AddTrust Low-Value Services Root" -# Issuer: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US +# Issuer: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE # Serial Number: 1 (0x1) -# Subject: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Not Valid Before: Mon Jun 21 04:00:00 1999 -# Not Valid After : Sun Jun 21 04:00:00 2020 -# Fingerprint (MD5): 8F:5D:77:06:27:C4:98:3C:5B:93:78:E7:D7:7D:9B:CC -# Fingerprint (SHA1): 7E:78:4A:10:1C:82:65:CC:2D:E1:F1:6D:47:B4:40:CA:D9:0A:19:45 +# Subject: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE +# Not Valid Before: Tue May 30 10:38:31 2000 +# Not Valid After : Sat May 30 10:38:31 2020 +# Fingerprint (MD5): 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC +# Fingerprint (SHA1): CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D -# Trust for Certificate "Equifax Secure Global eBusiness CA" -# Issuer: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Serial Number: 1 (0x1) -# Subject: CN=Equifax Secure Global eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Not Valid Before: Mon Jun 21 04:00:00 1999 -# Not Valid After : Sun Jun 21 04:00:00 2020 -# Fingerprint (MD5): 8F:5D:77:06:27:C4:98:3C:5B:93:78:E7:D7:7D:9B:CC -# Fingerprint (SHA1): 7E:78:4A:10:1C:82:65:CC:2D:E1:F1:6D:47:B4:40:CA:D9:0A:19:45 -# Certificate "Equifax Secure eBusiness CA 1" -# Issuer: CN=Equifax Secure eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Serial Number: 4 (0x4) -# Subject: CN=Equifax Secure eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Not Valid Before: Mon Jun 21 04:00:00 1999 -# Not Valid After : Sun Jun 21 04:00:00 2020 -# Fingerprint (MD5): 64:9C:EF:2E:44:FC:C6:8F:52:07:D0:51:73:8F:CB:3D -# Fingerprint (SHA1): DA:40:18:8B:91:89:A3:ED:EE:AE:DA:97:FE:2F:9D:F5:B7:D1:8A:41 -# Trust for Certificate "Equifax Secure eBusiness CA 1" -# Issuer: CN=Equifax Secure eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Serial Number: 4 (0x4) -# Subject: CN=Equifax Secure eBusiness CA-1,O=Equifax Secure Inc.,C=US -# Not Valid Before: Mon Jun 21 04:00:00 1999 -# Not Valid After : Sun Jun 21 04:00:00 2020 -# Fingerprint (MD5): 64:9C:EF:2E:44:FC:C6:8F:52:07:D0:51:73:8F:CB:3D -# Fingerprint (SHA1): DA:40:18:8B:91:89:A3:ED:EE:AE:DA:97:FE:2F:9D:F5:B7:D1:8A:41 -# Certificate "AddTrust Low-Value Services Root" -# Issuer: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE -# Serial Number: 1 (0x1) -# Subject: CN=AddTrust Class 1 CA Root,OU=AddTrust TTP Network,O=AddTrust AB,C=SE -# Not Valid Before: Tue May 30 10:38:31 2000 -# Not Valid After : Sat May 30 10:38:31 2020 -# Fingerprint (MD5): 1E:42:95:02:33:92:6B:B9:5F:C0:7F:DA:D6:B2:4B:FC -# Fingerprint (SHA1): CC:AB:0E:A0:4C:23:01:D6:69:7B:DD:37:9F:CD:12:EB:24:E3:94:9D -# Certificate "RSA Security 2048 v3" -# Issuer: OU=RSA Security 2048 V3,O=RSA Security Inc -# Serial Number:0a:01:01:01:00:00:02:7c:00:00:00:0a:00:00:00:02 -# Subject: OU=RSA Security 2048 V3,O=RSA Security Inc -# Not Valid Before: Thu Feb 22 20:39:23 2001 -# Not Valid After : Sun Feb 22 20:39:23 2026 -# Fingerprint (MD5): 77:0D:19:B1:21:FD:00:42:9C:3E:0C:A5:DD:0B:02:8E -# Fingerprint (SHA1): 25:01:90:19:CF:FB:D9:99:1C:B7:68:25:74:8D:94:5F:30:93:95:42 -# Trust for Certificate "RSA Security 2048 v3" -# Issuer: OU=RSA Security 2048 V3,O=RSA Security Inc -# Serial Number:0a:01:01:01:00:00:02:7c:00:00:00:0a:00:00:00:02 -# Subject: OU=RSA Security 2048 V3,O=RSA Security Inc -# Not Valid Before: Thu Feb 22 20:39:23 2001 -# Not Valid After : Sun Feb 22 20:39:23 2026 -# Fingerprint (MD5): 77:0D:19:B1:21:FD:00:42:9C:3E:0C:A5:DD:0B:02:8E -# Fingerprint (SHA1): 25:01:90:19:CF:FB:D9:99:1C:B7:68:25:74:8D:94:5F:30:93:95:42 # Certificate "GeoTrust Global CA" # Issuer: CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US -# Certificate "IGC/A" -# Issuer: E=igca@@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR -# Serial Number:39:11:45:10:94 -# Subject: E=igca@@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR -# Not Valid Before: Fri Dec 13 14:29:23 2002 -# Not Valid After : Sat Oct 17 14:29:22 2020 -# Fingerprint (MD5): 0C:7F:DD:6A:F4:2A:B9:C8:9B:BD:20:7E:A9:DB:5C:37 -# Fingerprint (SHA1): 60:D6:89:74:B5:C2:65:9E:8A:0F:C1:88:7C:88:D2:46:69:1B:18:2C -# Trust for Certificate "IGC/A" -# Issuer: E=igca@@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR -# Serial Number:39:11:45:10:94 -# Subject: E=igca@@sgdn.pm.gouv.fr,CN=IGC/A,OU=DCSSI,O=PM/SGDN,L=Paris,ST=France,C=FR -# Not Valid Before: Fri Dec 13 14:29:23 2002 -# Not Valid After : Sat Oct 17 14:29:22 2020 -# Fingerprint (MD5): 0C:7F:DD:6A:F4:2A:B9:C8:9B:BD:20:7E:A9:DB:5C:37 -# Fingerprint (SHA1): 60:D6:89:74:B5:C2:65:9E:8A:0F:C1:88:7C:88:D2:46:69:1B:18:2C # Distrust "Distrusted AC DG Tresor SSL" # Issuer: CN=AC DGTPE Signature Authentification,O=DGTPE,C=FR # Serial Number: 204199 (0x31da7) -# Certificate "S-TRUST Authentication and Encryption Root CA 2005 PN" -# Issuer: CN=S-TRUST Authentication and Encryption Root CA 2005:PN,O=Deutscher Sparkassen Verlag GmbH,L=Stuttgart,ST=Baden-Wuerttemberg (BW),C=DE -# Serial Number:37:19:18:e6:53:54:7c:1a:b5:b8:cb:59:5a:db:35:b7 -# Subject: CN=S-TRUST Authentication and Encryption Root CA 2005:PN,O=Deutscher Sparkassen Verlag GmbH,L=Stuttgart,ST=Baden-Wuerttemberg (BW),C=DE -# Not Valid Before: Wed Jun 22 00:00:00 2005 -# Not Valid After : Fri Jun 21 23:59:59 2030 -# Fingerprint (MD5): 04:4B:FD:C9:6C:DA:2A:32:85:7C:59:84:61:46:8A:64 -# Fingerprint (SHA1): BE:B5:A9:95:74:6B:9E:DF:73:8B:56:E6:DF:43:7A:77:BE:10:6B:81 -# Trust for Certificate "S-TRUST Authentication and Encryption Root CA 2005 PN" -# Issuer: CN=S-TRUST Authentication and Encryption Root CA 2005:PN,O=Deutscher Sparkassen Verlag GmbH,L=Stuttgart,ST=Baden-Wuerttemberg (BW),C=DE -# Serial Number:37:19:18:e6:53:54:7c:1a:b5:b8:cb:59:5a:db:35:b7 -# Subject: CN=S-TRUST Authentication and Encryption Root CA 2005:PN,O=Deutscher Sparkassen Verlag GmbH,L=Stuttgart,ST=Baden-Wuerttemberg (BW),C=DE -# Not Valid Before: Wed Jun 22 00:00:00 2005 -# Not Valid After : Fri Jun 21 23:59:59 2030 -# Fingerprint (MD5): 04:4B:FD:C9:6C:DA:2A:32:85:7C:59:84:61:46:8A:64 -# Fingerprint (SHA1): BE:B5:A9:95:74:6B:9E:DF:73:8B:56:E6:DF:43:7A:77:BE:10:6B:81 # Certificate "Microsec e-Szigno Root CA" # Issuer: CN=Microsec e-Szigno Root CA,OU=e-Szigno CA,O=Microsec Ltd.,L=Budapest,C=HU -# Certificate "Buypass Class 2 CA 1" -# Issuer: CN=Buypass Class 2 CA 1,O=Buypass AS-983163327,C=NO -# Serial Number: 1 (0x1) -# Subject: CN=Buypass Class 2 CA 1,O=Buypass AS-983163327,C=NO -# Not Valid Before: Fri Oct 13 10:25:09 2006 -# Not Valid After : Thu Oct 13 10:25:09 2016 -# Fingerprint (MD5): B8:08:9A:F0:03:CC:1B:0D:C8:6C:0B:76:A1:75:64:23 -# Fingerprint (SHA1): A0:A1:AB:90:C9:FC:84:7B:3B:12:61:E8:97:7D:5F:D3:22:61:D3:CC -# Trust for Certificate "Buypass Class 2 CA 1" -# Issuer: CN=Buypass Class 2 CA 1,O=Buypass AS-983163327,C=NO -# Serial Number: 1 (0x1) -# Subject: CN=Buypass Class 2 CA 1,O=Buypass AS-983163327,C=NO -# Not Valid Before: Fri Oct 13 10:25:09 2006 -# Not Valid After : Thu Oct 13 10:25:09 2016 -# Fingerprint (MD5): B8:08:9A:F0:03:CC:1B:0D:C8:6C:0B:76:A1:75:64:23 -# Fingerprint (SHA1): A0:A1:AB:90:C9:FC:84:7B:3B:12:61:E8:97:7D:5F:D3:22:61:D3:CC -# Certificate "EBG Elektronik Sertifika Hizmet Saglayicisi" -# Issuer: C=TR,O=EBG Bili..im Teknolojileri ve Hizmetleri A....,CN=EBG Elektronik Sertifika Hizmet Sa..lay..c..s.. -# Serial Number:4c:af:73:42:1c:8e:74:02 -# Subject: C=TR,O=EBG Bili..im Teknolojileri ve Hizmetleri A....,CN=EBG Elektronik Sertifika Hizmet Sa..lay..c..s.. -# Not Valid Before: Thu Aug 17 00:21:09 2006 -# Not Valid After : Sun Aug 14 00:31:09 2016 -# Fingerprint (MD5): 2C:20:26:9D:CB:1A:4A:00:85:B5:B7:5A:AE:C2:01:37 -# Fingerprint (SHA1): 8C:96:BA:EB:DD:2B:07:07:48:EE:30:32:66:A0:F3:98:6E:7C:AE:58 -# Trust for Certificate "EBG Elektronik Sertifika Hizmet Saglayicisi" -# Issuer: C=TR,O=EBG Bili..im Teknolojileri ve Hizmetleri A....,CN=EBG Elektronik Sertifika Hizmet Sa..lay..c..s.. -# Serial Number:4c:af:73:42:1c:8e:74:02 -# Subject: C=TR,O=EBG Bili..im Teknolojileri ve Hizmetleri A....,CN=EBG Elektronik Sertifika Hizmet Sa..lay..c..s.. -# Not Valid Before: Thu Aug 17 00:21:09 2006 -# Not Valid After : Sun Aug 14 00:31:09 2016 -# Fingerprint (MD5): 2C:20:26:9D:CB:1A:4A:00:85:B5:B7:5A:AE:C2:01:37 -# Fingerprint (SHA1): 8C:96:BA:EB:DD:2B:07:07:48:EE:30:32:66:A0:F3:98:6E:7C:AE:58 # Certificate "certSIGN ROOT CA" # Issuer: OU=certSIGN ROOT CA,O=certSIGN,C=RO -# Certificate "Juur-SK" -# Issuer: CN=Juur-SK,O=AS Sertifitseerimiskeskus,C=EE,E=pki@@sk.ee -# Serial Number: 999181308 (0x3b8e4bfc) -# Subject: CN=Juur-SK,O=AS Sertifitseerimiskeskus,C=EE,E=pki@@sk.ee -# Not Valid Before: Thu Aug 30 14:23:01 2001 -# Not Valid After : Fri Aug 26 14:23:01 2016 -# Fingerprint (MD5): AA:8E:5D:D9:F8:DB:0A:58:B7:8D:26:87:6C:82:35:55 -# Fingerprint (SHA1): 40:9D:4B:D9:17:B5:5C:27:B6:9B:64:CB:98:22:44:0D:CD:09:B8:89 -# Trust for Certificate "Juur-SK" -# Issuer: CN=Juur-SK,O=AS Sertifitseerimiskeskus,C=EE,E=pki@@sk.ee -# Serial Number: 999181308 (0x3b8e4bfc) -# Subject: CN=Juur-SK,O=AS Sertifitseerimiskeskus,C=EE,E=pki@@sk.ee -# Not Valid Before: Thu Aug 30 14:23:01 2001 -# Not Valid After : Fri Aug 26 14:23:01 2016 -# Fingerprint (MD5): AA:8E:5D:D9:F8:DB:0A:58:B7:8D:26:87:6C:82:35:55 -# Fingerprint (SHA1): 40:9D:4B:D9:17:B5:5C:27:B6:9B:64:CB:98:22:44:0D:CD:09:B8:89 # Certificate "Hongkong Post Root CA 1" # Issuer: CN=Hongkong Post Root CA 1,O=Hongkong Post,C=HK -# Certificate "Verisign Class 1 Public Primary Certification Authority" +# Certificate "Microsec e-Szigno Root CA 2009" -# Issuer: OU=Class 1 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Serial Number:3f:69:1e:81:9c:f0:9a:4a:f3:73:ff:b9:48:a2:e4:dd -# Subject: OU=Class 1 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon Jan 29 00:00:00 1996 -# Not Valid After : Wed Aug 02 23:59:59 2028 -# Fingerprint (MD5): 86:AC:DE:2B:C5:6D:C3:D9:8C:28:88:D3:8D:16:13:1E -# Fingerprint (SHA1): CE:6A:64:A3:09:E4:2F:BB:D9:85:1C:45:3E:64:09:EA:E8:7D:60:F1 +# Issuer: E=info@@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU +# Serial Number:00:c2:7e:43:04:4e:47:3f:19 +# Subject: E=info@@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU +# Not Valid Before: Tue Jun 16 11:30:18 2009 +# Not Valid After : Sun Dec 30 11:30:18 2029 +# Fingerprint (MD5): F8:49:F4:03:BC:44:2D:83:BE:48:69:7D:29:64:FC:B1 +# Fingerprint (SHA1): 89:DF:74:FE:5C:F4:0F:4A:80:F9:E3:37:7D:54:DA:91:E1:01:31:8E -# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority" -# Issuer: OU=Class 1 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Serial Number:3f:69:1e:81:9c:f0:9a:4a:f3:73:ff:b9:48:a2:e4:dd -# Subject: OU=Class 1 Public Primary Certification Authority,O="VeriSign, Inc.",C=US -# Not Valid Before: Mon Jan 29 00:00:00 1996 -# Not Valid After : Wed Aug 02 23:59:59 2028 -# Fingerprint (MD5): 86:AC:DE:2B:C5:6D:C3:D9:8C:28:88:D3:8D:16:13:1E -# Fingerprint (SHA1): CE:6A:64:A3:09:E4:2F:BB:D9:85:1C:45:3E:64:09:EA:E8:7D:60:F1 -# Certificate "Microsec e-Szigno Root CA 2009" -# Issuer: E=info@@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU -# Serial Number:00:c2:7e:43:04:4e:47:3f:19 -# Subject: E=info@@e-szigno.hu,CN=Microsec e-Szigno Root CA 2009,O=Microsec Ltd.,L=Budapest,C=HU -# Not Valid Before: Tue Jun 16 11:30:18 2009 -# Not Valid After : Sun Dec 30 11:30:18 2029 -# Fingerprint (MD5): F8:49:F4:03:BC:44:2D:83:BE:48:69:7D:29:64:FC:B1 -# Fingerprint (SHA1): 89:DF:74:FE:5C:F4:0F:4A:80:F9:E3:37:7D:54:DA:91:E1:01:31:8E -# Certificate "Root CA Generalitat Valenciana" -# Issuer: CN=Root CA Generalitat Valenciana,OU=PKIGVA,O=Generalitat Valenciana,C=ES -# Serial Number: 994436456 (0x3b45e568) -# Subject: CN=Root CA Generalitat Valenciana,OU=PKIGVA,O=Generalitat Valenciana,C=ES -# Not Valid Before: Fri Jul 06 16:22:47 2001 -# Not Valid After : Thu Jul 01 15:22:47 2021 -# Fingerprint (MD5): 2C:8C:17:5E:B1:54:AB:93:17:B5:36:5A:DB:D1:C6:F2 -# Fingerprint (SHA1): A0:73:E5:C5:BD:43:61:0D:86:4C:21:13:0A:85:58:57:CC:9C:EA:46 -# Trust for Certificate "Root CA Generalitat Valenciana" -# Issuer: CN=Root CA Generalitat Valenciana,OU=PKIGVA,O=Generalitat Valenciana,C=ES -# Serial Number: 994436456 (0x3b45e568) -# Subject: CN=Root CA Generalitat Valenciana,OU=PKIGVA,O=Generalitat Valenciana,C=ES -# Not Valid Before: Fri Jul 06 16:22:47 2001 -# Not Valid After : Thu Jul 01 15:22:47 2021 -# Fingerprint (MD5): 2C:8C:17:5E:B1:54:AB:93:17:B5:36:5A:DB:D1:C6:F2 -# Fingerprint (SHA1): A0:73:E5:C5:BD:43:61:0D:86:4C:21:13:0A:85:58:57:CC:9C:EA:46 # Certificate "TWCA Root Certification Authority" # Issuer: CN=TWCA Root Certification Authority,OU=Root CA,O=TAIWAN-CA,C=TW +# Certificate "ISRG Root X1" +# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US +# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 +# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US +# Not Valid Before: Thu Jun 04 11:04:38 2015 +# Not Valid After : Mon Jun 04 11:04:38 2035 +# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6 +# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8 +# Trust for "ISRG Root X1" +# Issuer: CN=ISRG Root X1,O=Internet Security Research Group,C=US +# Serial Number:00:82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 +# Subject: CN=ISRG Root X1,O=Internet Security Research Group,C=US +# Not Valid Before: Thu Jun 04 11:04:38 2015 +# Not Valid After : Mon Jun 04 11:04:38 2035 +# Fingerprint (SHA-256): 96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6 +# Fingerprint (SHA1): CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8 +# Certificate "AC RAIZ FNMT-RCM" +# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES +# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07 +# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES +# Not Valid Before: Wed Oct 29 15:59:56 2008 +# Not Valid After : Tue Jan 01 00:00:00 2030 +# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA +# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20 +# Trust for "AC RAIZ FNMT-RCM" +# Issuer: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES +# Serial Number:5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07 +# Subject: OU=AC RAIZ FNMT-RCM,O=FNMT-RCM,C=ES +# Not Valid Before: Wed Oct 29 15:59:56 2008 +# Not Valid After : Tue Jan 01 00:00:00 2030 +# Fingerprint (SHA-256): EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA +# Fingerprint (SHA1): EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20 +# Certificate "Amazon Root CA 1" +# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US +# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca +# Subject: CN=Amazon Root CA 1,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sun Jan 17 00:00:00 2038 +# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E +# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16 +# Trust for "Amazon Root CA 1" +# Issuer: CN=Amazon Root CA 1,O=Amazon,C=US +# Serial Number:06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca +# Subject: CN=Amazon Root CA 1,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sun Jan 17 00:00:00 2038 +# Fingerprint (SHA-256): 8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E +# Fingerprint (SHA1): 8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16 +# Certificate "Amazon Root CA 2" +# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US +# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37 +# Subject: CN=Amazon Root CA 2,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4 +# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A +# Trust for "Amazon Root CA 2" +# Issuer: CN=Amazon Root CA 2,O=Amazon,C=US +# Serial Number:06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37 +# Subject: CN=Amazon Root CA 2,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): 1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4 +# Fingerprint (SHA1): 5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A +# Certificate "Amazon Root CA 3" +# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US +# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a +# Subject: CN=Amazon Root CA 3,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4 +# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E +# Trust for "Amazon Root CA 3" +# Issuer: CN=Amazon Root CA 3,O=Amazon,C=US +# Serial Number:06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a +# Subject: CN=Amazon Root CA 3,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): 18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4 +# Fingerprint (SHA1): 0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E +# Certificate "Amazon Root CA 4" +# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US +# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e +# Subject: CN=Amazon Root CA 4,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92 +# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE +# Trust for "Amazon Root CA 4" +# Issuer: CN=Amazon Root CA 4,O=Amazon,C=US +# Serial Number:06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e +# Subject: CN=Amazon Root CA 4,O=Amazon,C=US +# Not Valid Before: Tue May 26 00:00:00 2015 +# Not Valid After : Sat May 26 00:00:00 2040 +# Fingerprint (SHA-256): E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92 +# Fingerprint (SHA1): F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE +# Certificate "LuxTrust Global Root 2" +# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU +# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1 +# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU +# Not Valid Before: Thu Mar 05 13:21:57 2015 +# Not Valid After : Mon Mar 05 13:21:57 2035 +# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5 +# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F +# Trust for "LuxTrust Global Root 2" +# Issuer: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU +# Serial Number:0a:7e:a6:df:4b:44:9e:da:6a:24:85:9e:e6:b8:15:d3:16:7f:bb:b1 +# Subject: CN=LuxTrust Global Root 2,O=LuxTrust S.A.,C=LU +# Not Valid Before: Thu Mar 05 13:21:57 2015 +# Not Valid After : Mon Mar 05 13:21:57 2035 +# Fingerprint (SHA-256): 54:45:5F:71:29:C2:0B:14:47:C4:18:F9:97:16:8F:24:C5:8F:C5:02:3B:F5:DA:5B:E2:EB:6E:1D:D8:90:2E:D5 +# Fingerprint (SHA1): 1E:0E:56:19:0A:D1:8B:25:98:B2:04:44:FF:66:8A:04:17:99:5F:3F +# Certificate "Symantec Class 1 Public Primary Certification Authority - G6" +# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98 +# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Tue Oct 18 00:00:00 2011 +# Not Valid After : Tue Dec 01 23:59:59 2037 +# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9 +# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64 +# Trust for "Symantec Class 1 Public Primary Certification Authority - G6" +# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:24:32:75:f2:1d:2f:d2:09:33:f7:b4:6a:ca:d0:f3:98 +# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Tue Oct 18 00:00:00 2011 +# Not Valid After : Tue Dec 01 23:59:59 2037 +# Fingerprint (SHA-256): 9D:19:0B:2E:31:45:66:68:5B:E8:A8:89:E2:7A:A8:C7:D7:AE:1D:8A:AD:DB:A3:C1:EC:F9:D2:48:63:CD:34:B9 +# Fingerprint (SHA1): 51:7F:61:1E:29:91:6B:53:82:FB:72:E7:44:D9:8D:C3:CC:53:6D:64 +# Certificate "Symantec Class 2 Public Primary Certification Authority - G6" +# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41 +# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Tue Oct 18 00:00:00 2011 +# Not Valid After : Tue Dec 01 23:59:59 2037 +# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0 +# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F +# Trust for "Symantec Class 2 Public Primary Certification Authority - G6" +# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:64:82:9e:fc:37:1e:74:5d:fc:97:ff:97:c8:b1:ff:41 +# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G6,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Tue Oct 18 00:00:00 2011 +# Not Valid After : Tue Dec 01 23:59:59 2037 +# Fingerprint (SHA-256): CB:62:7D:18:B5:8A:D5:6D:DE:33:1A:30:45:6B:C6:5C:60:1A:4E:9B:18:DE:DC:EA:08:E7:DA:AA:07:81:5F:F0 +# Fingerprint (SHA1): 40:B3:31:A0:E9:BF:E8:55:BC:39:93:CA:70:4F:4E:C2:51:D4:1D:8F +# Certificate "Symantec Class 1 Public Primary Certification Authority - G4" +# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8 +# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Wed Oct 05 00:00:00 2011 +# Not Valid After : Mon Jan 18 23:59:59 2038 +# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF +# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67 +# Trust for "Symantec Class 1 Public Primary Certification Authority - G4" +# Issuer: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:21:6e:33:a5:cb:d3:88:a4:6f:29:07:b4:27:3c:c4:d8 +# Subject: CN=Symantec Class 1 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Wed Oct 05 00:00:00 2011 +# Not Valid After : Mon Jan 18 23:59:59 2038 +# Fingerprint (SHA-256): 36:3F:3C:84:9E:AB:03:B0:A2:A0:F6:36:D7:B8:6D:04:D3:AC:7F:CF:E2:6A:0A:91:21:AB:97:95:F6:E1:76:DF +# Fingerprint (SHA1): 84:F2:E3:DD:83:13:3E:A9:1D:19:52:7F:02:D7:29:BF:C1:5F:E6:67 +# Certificate "Symantec Class 2 Public Primary Certification Authority - G4" +# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e +# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Wed Oct 05 00:00:00 2011 +# Not Valid After : Mon Jan 18 23:59:59 2038 +# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92 +# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B +# Trust for "Symantec Class 2 Public Primary Certification Authority - G4" +# Issuer: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Serial Number:34:17:65:12:40:3b:b7:56:80:2d:80:cb:79:55:a6:1e +# Subject: CN=Symantec Class 2 Public Primary Certification Authority - G4,OU=Symantec Trust Network,O=Symantec Corporation,C=US +# Not Valid Before: Wed Oct 05 00:00:00 2011 +# Not Valid After : Mon Jan 18 23:59:59 2038 +# Fingerprint (SHA-256): FE:86:3D:08:22:FE:7A:23:53:FA:48:4D:59:24:E8:75:65:6D:3D:C9:FB:58:77:1F:6F:61:6F:9D:57:1B:C5:92 +# Fingerprint (SHA1): 67:24:90:2E:48:01:B0:22:96:40:10:46:B4:B1:67:2C:A9:75:FD:2B @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.23 2016/07/21 12:37:43 wiz Exp $ d4 1 @ 1.23 log @Update to certificates of 20160610. Bump version. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 2016/02/06 10:22:54 tron Exp $ d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/d224fc999cb6/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20160610 @ 1.22 log @Create and install a file called "share/mozilla-rootcerts/cacert.pem" which contains all the trusted certificates in PEM format. This file can e.g. be used with command line clients like "curl" or "wget" to validate certificates. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 2015/10/18 19:24:39 tnn Exp $ a3 1 PKGREVISION= 1 d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/2f1a37cb43ac/security/nss/lib/ckfw/builtins/certdata.txt d17 1 a17 1 CERTDATA_DATE= 20150804 @ 1.21 log @set HOMEPAGE to the hg revision log URL to make it easier to figure out if the package needs an update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.20 2015/09/12 13:06:13 tnn Exp $ d4 1 a21 1 BUILD_DIRS= # empty d33 2 d38 1 a38 1 SUBST_FILES.paths= mozilla-rootcerts.sh d45 1 a45 1 ${CP} ${FILESDIR}/mozilla-rootcerts.sh ${WRKSRC} d48 6 d55 1 a55 1 ${INSTALL_SCRIPT} ${WRKSRC}/mozilla-rootcerts.sh \ d58 1 @ 1.20 log @mention mozilla-rootcerts-openssl @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 2015/09/11 20:32:33 tnn Exp $ d10 1 a10 1 HOMEPAGE= https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt @ 1.19 log @Update to 20150804. Added: C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT C=DE, O=Deutscher Sparkassen Verlag GmbH, OU=S-TRUST Certification Services, \ CN=S-TRUST Universal Root CA C=FR, O=Certinomis, OU=0002 433998903, CN=Certinomis - Root CA C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden Root CA - G3 C=TR, L=Ankara, \ O=T?RKTRUST Bilgi ?leti?im ve Bili?im G?venli?i Hizmetleri A.?., \ CN=T?RKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5 C=TR, L=Ankara, \ O=T?RKTRUST Bilgi ?leti?im ve Bili?im G?venli?i Hizmetleri A.?., \ CN=T?RKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H6 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, \ OU=(c) 2009 Entrust, Inc. - for authorized use only, \ CN=Entrust Root Certification Authority - G2 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, \ OU=(c) 2012 Entrust, Inc. - for authorized use only, \ CN=Entrust Root Certification Authority - EC1 C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1 C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1 Removed: C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Class 2 CA, \ CN=TC TrustCenter Class 2 CA II C=DE, O=TC TrustCenter GmbH, OU=TC TrustCenter Universal CA, \ CN=TC TrustCenter Universal CA I C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 CA 1 C=TR, O=Elektronik Bilgi Guvenligi A.S., \ CN=e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi CN=SG TRUST SERVICES RACINE, OU=0002 43525289500022, O=SG TRUST SERVICES, C=FR CN=T?RKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s?, C=TR, L=ANKARA, \ O=(c) 2005 T?RKTRUST Bilgi ?leti?im ve Bili?im G?venli?i Hizmetleri A.?. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2015/04/18 20:11:35 dholland Exp $ d16 1 @ 1.18 log @Add support for -d destdir to the mozilla-rootcerts installer script. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 2015/02/16 13:09:10 tnn Exp $ a3 1 PKGREVISION= 1 d5 1 a5 1 MASTER_SITES= -https://hg.mozilla.org/mozilla-central/raw-file/7f6a55544bb3/security/nss/lib/ckfw/builtins/certdata.txt d16 1 a16 1 CERTDATA_DATE= 20141117 @ 1.17 log @Update to mozilla-rootcerts-20141117. Added root certs: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Secure Server CA - G2 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign Removed root certs: C=US, O=America Online Inc., CN=America Online Root Certification Authority 1 C=US, O=America Online Inc., CN=America Online Root Certification Authority 2 C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/emailAddress=premium-server@@thawte.com C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA/emailAddress=server-certs@@thawte.com @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 2015/01/27 13:53:06 jperkin Exp $ d4 1 @ 1.16 log @Ensure we call the full path to the script. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 2014/09/06 08:03:00 wiz Exp $ a3 1 PKGREVISION= 2 d5 1 a5 1 MASTER_SITES= ${MASTER_SITE_LOCAL} d16 1 a16 1 CERTDATA_DATE= 20140820 @ 1.15 log @Improve detection of untrusted certificates. From John D. Baker in PR 49176. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 2014/08/25 08:34:44 mlelstv Exp $ d4 1 a4 1 PKGREVISION= 1 d37 1 a37 1 SUBST_VARS.paths= AWK ECHO EXPR LN LS RM DATADIR MKDIR SSLDIR @ 1.14 log @Update certs to more recent version. The License changed to MPL 2.0. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 2014/03/03 06:01:26 obache Exp $ d4 1 @ 1.13 log @reset CHECK_BUILTIN.openssl to avoid side effect. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 2013/03/15 16:14:55 bsiegert Exp $ a3 1 PKGREVISION= 1 d10 1 a10 1 HOMEPAGE= http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 d12 1 a12 1 LICENSE= mpl-1.1 OR gnu-gpl-v2 OR gnu-lgpl-v2.1 d16 1 a16 1 CERTDATA_DATE= 20121229 @ 1.12 log @Add a new subcommand "mozilla-rootcerts install" that unpacks and installs the certificates with a single command. ok gdt, wiz @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2013/03/15 12:36:25 fhajny Exp $ d26 1 @ 1.11 log @Substitute the openssl tool path in a different manner, so that pkgsrc openssl will be used if not builtin. Fixes problem with incorrect cert hashes generated on (at least) SunOS. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2013/01/31 09:39:00 wiz Exp $ d4 1 d15 1 a15 1 USE_TOOLS= awk:run echo:run expr:run ln:run ls:run openssl:run rm:run d24 8 d36 1 a36 1 SUBST_VARS.paths= AWK ECHO EXPR LN LS RM DATADIR @ 1.10 log @Update mozilla root certificates to 20121229 version. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2012/10/23 18:16:36 asau Exp $ d27 2 a28 1 SUBST_VARS.paths= AWK ECHO EXPR LN LS OPENSSL RM DATADIR @ 1.9 log @Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2011/09/08 19:46:01 drochner Exp $ d16 1 a16 1 CERTDATA_DATE= 20110902 @ 1.8 log @mozilla has switched to a scheme of explicitly distrusting certificates in its stable branch (ie firefox-6.0.2) too, so deal with this in the mozilla-rootcerts script (this is not great - it depends on syntactic details of the file where it should better use checksums, but the perl script which is distributed with "curl" works the same way), and switch back to the certificate list in CVS HEAD @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2011/08/31 11:42:43 drochner Exp $ a13 2 PKG_DESTDIR_SUPPORT= user-destdir @ 1.7 log @update to the version distributed with firefox-6.0.1, in response to the recent discovery of false certificates from diginotar (Recent versions from the source repository don't work, see the comment in Makefile.) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2010/11/13 21:09:03 shattered Exp $ d18 1 a18 6 # This is not the file from the repository in HOMEPAGE above but # the version distributed with firefox-6.0.1. # (Newer versions seem to handle trust explicitely so that the mere # presence of a certificate doesn't mean that it is trusted. The # extraction by our "mozilla-rootcerts" script doesn't handle this.) CERTDATA_DATE= 20110830 @ 1.6 log @Follow HTTP redirects to new HOMEPAGEs and/or MASTER_SITES. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2010/10/22 10:41:49 wiz Exp $ d18 6 a23 1 CERTDATA_DATE= 20100827 @ 1.5 log @Update to 20100827. Set LICENSE. Fix bug reported by Makoto Yamakura in PR 43992. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2010/03/21 16:29:43 wiz Exp $ d10 1 a10 1 HOMEPAGE= http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 @ 1.4 log @Reset maintainer, developer lost his commit bit. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 2009/11/03 02:43:55 wiz Exp $ d11 2 a12 1 COMMENT= root CA certificates from the Mozilla Project d18 1 a18 1 CERTDATA_DATE= 20090831 @ 1.3 log @Simplify awk usage to make it work with nawk, from Matthias Pfaller in PR 42238. While here, update to latest certificates from mozilla. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 2008/06/22 23:05:00 joerg Exp $ d9 1 a9 1 MAINTAINER= jlam@@pkgsrc.org @ 1.2 log @DESTDIR support. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1.1.1 2007/09/20 20:02:53 jlam Exp $ d17 1 a17 1 CERTDATA_DATE= 20070713 @ 1.1 log @Initial revision @ text @d1 1 a1 1 # $NetBSD$ d13 2 d38 2 a39 2 ${PREFIX}/sbin/mozilla-rootcerts ${INSTALL_DATA} ${WRKSRC}/${CERTDATA} ${DATADIR}/certdata.txt @ 1.1.1.1 log @Import security/mozilla-rootcerts: This package provides a script which can be used to extract the root CA certificates distributed by the Mozilla Project into the current working directory and to rehash the existing certificates. The directory can be used by most SSL-aware programs that expect a "CA certificate path". @ text @@