ca-certificates

rpms/ca-certificates

Fork 0

Commit Graph

Author	SHA1	Message	Date
Bob Relyea	c4c1a32e95	Add code to pull in object signing certs from Common CA Database (ccadb.org). Fix the updated merge scripts to handle this. Prune Expired certificates from certdata.txt and the object signing cert list Update to CKBI 2.48 from NSS 3.64 Removing: # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" # Certificate "GeoTrust Universal CA 2" # Certificate "QuoVadis Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "Taiwan GRCA" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" # Certificate "EE Certification Centre Root CA" # Certificate "LuxTrust Global Root 2" # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" Adding: # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "e-Szigno Root CA 2017" # Certificate "certSIGN Root CA G2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "NAVER Global Root Certification Authority" # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Root E46" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "GlobalSign Code Signing Root R45" # Certificate "GlobalSign Code Signing Root E45" # Certificate "Halcom Root Certificate Authority" # Certificate "Symantec Class 3 Public Primary Certification Authority - G6" # Certificate "GLOBALTRUST" # Certificate "MULTICERT Root Certification Authority 01" # Certificate "Verizon Global Root CA" # Certificate "Tunisian Root Certificate Authority - TunRootCA2" # Certificate "CAEDICOM Root" # Certificate "COMODO Certification Authority" # Certificate "Security Communication ECC RootCA1" # Certificate "Security Communication RootCA3" # Certificate "AC RAIZ DNIE" # Certificate "VeriSign Class 3 Public Primary Certification Authority - G3" # Certificate "NetLock Platina (Class Platinum) Főtanúsítvány" # Certificate "GLOBALTRUST 2015" # Certificate "emSign Root CA - G2" # Certificate "emSign Root CA - C2"	2021-05-25 16:48:57 -07:00
Bob Relyea	6d164aedd7	Update tools to pick up code signing certs from the Common CA Database: https://www.ccadb.org/resources Our normal root certs come from mozilla, but mozilla does not evaluate code signing. Currently code signing is only used my Microsoft .net, so we need to get code signing certs from Microsoft's code signing list. The certs in this list will only show up in the code signing lists or in the general list with only code signing set.	2021-05-24 10:49:58 -07:00

Author

SHA1

Message

Date

Bob Relyea

c4c1a32e95

Add code to pull in object signing certs from Common CA Database (ccadb.org).

Fix the updated merge scripts to handle this.
Prune Expired certificates from certdata.txt and the object signing cert list

Update to CKBI 2.48 from NSS 3.64

   Removing:
    # Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
    # Certificate "GeoTrust Universal CA 2"
    # Certificate "QuoVadis Root CA"
    # Certificate "Sonera Class 2 Root CA"
    # Certificate "Taiwan GRCA"
    # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4"
    # Certificate "EE Certification Centre Root CA"
    # Certificate "LuxTrust Global Root 2"
    # Certificate "Symantec Class 1 Public Primary Certification Authority - G4"
    # Certificate "Symantec Class 2 Public Primary Certification Authority - G4"
   Adding:
    # Certificate "Microsoft ECC Root Certificate Authority 2017"
    # Certificate "Microsoft RSA Root Certificate Authority 2017"
    # Certificate "e-Szigno Root CA 2017"
    # Certificate "certSIGN Root CA G2"
    # Certificate "Trustwave Global Certification Authority"
    # Certificate "Trustwave Global ECC P256 Certification Authority"
    # Certificate "Trustwave Global ECC P384 Certification Authority"
    # Certificate "NAVER Global Root Certification Authority"
    # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
    # Certificate "GlobalSign Secure Mail Root R45"
    # Certificate "GlobalSign Secure Mail Root E45"
    # Certificate "GlobalSign Root R46"
    # Certificate "GlobalSign Root E46"
    # Certificate "Certum EC-384 CA"
    # Certificate "Certum Trusted Root CA"
    # Certificate "GlobalSign Code Signing Root R45"
    # Certificate "GlobalSign Code Signing Root E45"
    # Certificate "Halcom Root Certificate Authority"
    # Certificate "Symantec Class 3 Public Primary Certification Authority - G6"
    # Certificate "GLOBALTRUST"
    # Certificate "MULTICERT Root Certification Authority 01"
    # Certificate "Verizon Global Root CA"
    # Certificate "Tunisian Root Certificate Authority - TunRootCA2"
    # Certificate "CAEDICOM Root"
    # Certificate "COMODO Certification Authority"
    # Certificate "Security Communication ECC RootCA1"
    # Certificate "Security Communication RootCA3"
    # Certificate "AC RAIZ DNIE"
    # Certificate "VeriSign Class 3 Public Primary Certification Authority - G3"
    # Certificate "NetLock Platina (Class Platinum) Főtanúsítvány"
    # Certificate "GLOBALTRUST 2015"
    # Certificate "emSign Root CA - G2"
    # Certificate "emSign Root CA - C2"

2021-05-25 16:48:57 -07:00

Bob Relyea

6d164aedd7

Update tools to pick up code signing certs from the Common CA Database:

https://www.ccadb.org/resources

Our normal root certs come from mozilla, but mozilla does not evaluate
code signing. Currently code signing is only used my Microsoft .net, so
we need to get code signing certs from Microsoft's code signing list.

The certs in this list will only show up in the code signing lists
or in the general list with only code signing set.

2021-05-24 10:49:58 -07:00

2 Commits