The following patch removes expired certificates for TrustCenter, Germany, and adds new ones which will be valid until 2011 (go figure...). I didn't update the class 0 CA-cert, since this is for demonstration purposes only. Disclaimer: I'm a private customer of TrustCenter.
Responsible Changed From-To: freebsd-ports-bugs->secteam Over to secteam for reviewing as per comments in the port. If the secteam feels it's appropriate to prune ALL expired certs, I'll volunteer to do this.
Responsible Changed From-To: secteam->vs Bring the PR back to Volker. The secteam thinks we can remove the expired certificates without problems. The new certificates are more problematic since they require more attention and should be validated as best as possible by someone from the secteam. That should be done in a different PR and takes longer then to remove the certificates.
State Changed From-To: open->patched Back to secteam: Expired certs have been pruned, awaiting review of new certs.
Responsible Changed From-To: vs->secteam Back to secteam: Expired certs have been pruned, awaiting review of new certs.
State Changed From-To: patched->closed The ca-roots port is now deprecated, but thanks for the patch.