ca-certificates/ca-legacy.conf
Kai Engert e24bfeb6b0 - Introduce the ca-legacy utility and a ca-legacy.conf configuration file.
By default, legacy roots required for OpenSSL/GnuTLS compatibility
  are kept enabled. Using the ca-legacy utility, the legacy roots can be
  disabled. If disabled, the system will use the trust set as provided
  by the upstream Mozilla CA list. (See also: rhbz#1158197)
2014-10-28 20:54:15 +01:00

10 lines
323 B
Plaintext

# legacy=enable :
# Certain legacy certs, that have been removed by upstream Mozilla,
# are still marked as trusted, if required for backwards compatibility
# with cryptographic libraries like openssl or gnutls.
#
# legacy=disable :
# Follow all removal decisions of upstream Mozilla CA maintainers
#
legacy=enable