Bug 228913

Summary: Include a root certificate bundle in the base system
Product: Base System Reporter: Rodney W. Grimes <rgrimes>
Component: binAssignee: Allan Jude <allanjude>
Status: In Progress ---    
Severity: Affects Many People CC: cem, emaste, pi, rgrimes, thierry
Priority: ---    
Version: CURRENT   
Hardware: Any   
OS: Any   
Bug Depends on:    
Bug Blocks: 228911    

Description Rodney W. Grimes freebsd_committer 2018-06-12 08:08:44 UTC
Add the/a root CA to the base system
Comment 1 Allan Jude freebsd_committer 2018-08-20 20:37:36 UTC
This item is progressing

This script will allow secteam@ to convert the NSS bundle into the per-CA files to be installed in /usr/share/certs

https://reviews.freebsd.org/D15713


There is a second part, trustctl(8), that creates the hashed symlinks in /etc/ssl/certs that is almost finished.
Comment 2 Allan Jude freebsd_committer 2018-08-20 20:41:21 UTC
(In reply to Allan Jude from comment #1)
That link should be: https://reviews.freebsd.org/D16684
Comment 3 Allan Jude freebsd_committer 2018-08-23 03:48:47 UTC
Actual certificates for base:
https://reviews.freebsd.org/D16856

trustctl(8):
https://reviews.freebsd.org/D16857