The Mozilla CA root certificate bundle
6df1740e0f
This update adjusts the diff-from-upstream patch (which is a patch purely provided for documentation purposes). It shows a modification that was made as part of the 2.4 update (which in fact removed legacy treatment for one certificate, because upstream had reverted it to an earlier trusted state, as documented on the package wiki page). No changes to the legacy treatment were made in this 2.5 update. |
||
|---|---|---|
| .gitignore | ||
| ca-certificates.spec | ||
| ca-legacy | ||
| ca-legacy.8.txt | ||
| ca-legacy.conf | ||
| certdata2pem.py | ||
| certdata.txt | ||
| diff-from-upstream-2.5.patch | ||
| fetch.sh | ||
| nssckbi.h | ||
| README.etc | ||
| README.extr | ||
| README.java | ||
| README.openssl | ||
| README.pem | ||
| README.src | ||
| README.usr | ||
| sources | ||
| trust-fixes | ||
| update-ca-trust | ||
| update-ca-trust.8.txt | ||
This directory /usr/share/pki/ca-trust-source/ contains CA certificates and
trust settings in the PEM file format. The trust settings found here will be
interpreted with a low priority - lower than the ones found in
/etc/pki/ca-trust/source/ .
=============================================================================
QUICK HELP: To add a certificate in the simple PEM or DER file formats to the
list of CAs trusted on the system:
Copy it to the
/usr/share/pki/ca-trust-source/anchors/
subdirectory, and run the
update-ca-trust
command.
If your certificate is in the extended BEGIN TRUSTED file format,
then place it into the main source/ directory instead.
=============================================================================
Please refer to the update-ca-trust(8) manual page for additional information.