Bug 228913 - Include a root certificate bundle in the base system
Summary: Include a root certificate bundle in the base system
Status: In Progress
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Many People
Assignee: Allan Jude
URL:
Keywords:
Depends on:
Blocks: 228911
  Show dependency treegraph
 
Reported: 2018-06-12 08:08 UTC by Rodney W. Grimes
Modified: 2018-09-15 17:22 UTC (History)
5 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Rodney W. Grimes freebsd_committer 2018-06-12 08:08:44 UTC
Add the/a root CA to the base system
Comment 1 Allan Jude freebsd_committer 2018-08-20 20:37:36 UTC
This item is progressing

This script will allow secteam@ to convert the NSS bundle into the per-CA files to be installed in /usr/share/certs

https://reviews.freebsd.org/D15713


There is a second part, trustctl(8), that creates the hashed symlinks in /etc/ssl/certs that is almost finished.
Comment 2 Allan Jude freebsd_committer 2018-08-20 20:41:21 UTC
(In reply to Allan Jude from comment #1)
That link should be: https://reviews.freebsd.org/D16684
Comment 3 Allan Jude freebsd_committer 2018-08-23 03:48:47 UTC
Actual certificates for base:
https://reviews.freebsd.org/D16856

trustctl(8):
https://reviews.freebsd.org/D16857