The Mozilla CA root certificate bundle
94fa011408
Resolves: RHEL-44988
Removing:
# Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
# Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
# Certificate "Security Communication Root CA"
# Certificate "Camerfirma Chambers of Commerce Root"
# Certificate "Hongkong Post Root CA 1"
# Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
# Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
# Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
# Certificate "TrustCor RootCert CA-1"
# Certificate "TrustCor RootCert CA-2"
# Certificate "TrustCor ECA-1"
# Certificate "FNMT-RCM"
Adding:
# Certificate "LAWtrust Root CA2 (4096)"
# Certificate "Sectigo Public Email Protection Root E46"
# Certificate "Sectigo Public Email Protection Root R46"
# Certificate "Sectigo Public Server Authentication Root E46"
# Certificate "Sectigo Public Server Authentication Root R46"
# Certificate "SSL.com TLS RSA Root CA 2022"
# Certificate "SSL.com TLS ECC Root CA 2022"
# Certificate "SSL.com Client ECC Root CA 2022"
# Certificate "SSL.com Client RSA Root CA 2022"
# Certificate "Atos TrustedRoot Root CA ECC G2 2020"
# Certificate "Atos TrustedRoot Root CA RSA G2 2020"
# Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
# Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
# Certificate "TrustAsia Global Root CA G3"
# Certificate "TrustAsia Global Root CA G4"
# Certificate "CommScope Public Trust ECC Root-01"
# Certificate "CommScope Public Trust ECC Root-02"
# Certificate "CommScope Public Trust RSA Root-01"
# Certificate "CommScope Public Trust RSA Root-02"
# Certificate "D-Trust SBR Root CA 1 2022"
# Certificate "D-Trust SBR Root CA 2 2022"
# Certificate "Telekom Security SMIME ECC Root 2021"
# Certificate "Telekom Security TLS ECC Root 2020"
# Certificate "Telekom Security SMIME RSA Root 2023"
# Certificate "Telekom Security TLS RSA Root 2023"
# Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
# Certificate "SECOM Trust.net"
# Certificate "Chambers of Commerce Root"
# Certificate "VeriSign Class 2 Public Primary Certification Authority - G3"
# Certificate "SSL.com Code Signing RSA Root CA 2022"
# Certificate "SSL.com Code Signing ECC Root CA 2022"
|
||
|---|---|---|
| tests | ||
| .gitignore | ||
| ca-certificates.spec | ||
| ca-legacy | ||
| ca-legacy.8.txt | ||
| ca-legacy.conf | ||
| certdata2pem.py | ||
| certdata.txt | ||
| check_certs.sh | ||
| fetch.sh | ||
| gating.yaml | ||
| nssckbi.h | ||
| README.edk2 | ||
| README.etc | ||
| README.extr | ||
| README.java | ||
| README.openssl | ||
| README.pem | ||
| README.src | ||
| README.usr | ||
| sort-blocks.py | ||
| sources | ||
| trust-fixes | ||
| update-ca-trust | ||
| update-ca-trust.8.txt | ||
This directory /usr/share/pki/ca-trust-source/ contains CA certificates and
trust settings in the PEM file format. The trust settings found here will be
interpreted with a low priority - lower than the ones found in
/etc/pki/ca-trust/source/ .
=============================================================================
QUICK HELP: To add a certificate in the simple PEM or DER file formats to the
list of CAs trusted on the system:
Copy it to the
/usr/share/pki/ca-trust-source/anchors/
subdirectory, and run the
update-ca-trust
command.
If your certificate is in the extended BEGIN TRUSTED file format,
then place it into the main source/ directory instead.
=============================================================================
Please refer to the update-ca-trust(8) manual page for additional information.