Mercurial > illumos > illumos-gate
changeset 13446:f342d051b376
1445 Stop trusting the diginotar cert
Reviewed by: Gordon Ross <gwr@nexenta.com>
Reviewed by: Dan McDonald <danmcd@nexenta.com>
Approved by: Garrett D'Amore <garrett@nexenta.com>
author | Richard Lowe <richlowe@richlowe.net> |
---|---|
date | Sat, 03 Sep 2011 16:58:54 -0400 |
parents | 4dad26dd1fb9 |
children | 99622235dae0 |
files | usr/src/cmd/cmd-crypto/etc/CA-certs/DigiNotar_Root_CA.pem usr/src/cmd/cmd-crypto/etc/Makefile.ca-links usr/src/pkg/manifests/crypto-ca-certificates.mf |
diffstat | 3 files changed, 0 insertions(+), 36 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/cmd-crypto/etc/CA-certs/DigiNotar_Root_CA.pem Fri Sep 02 16:41:08 2011 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,32 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBf -MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp -Tm90YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmww -HhcNMDcwNTE2MTcxOTM2WhcNMjUwMzMxMTgxOTIxWjBfMQswCQYDVQQGEwJOTDES -MBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90YXIgUm9vdCBDQTEg -MB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCssFjBAL3YIQgLK5r+blYwBZ8bd5AQQVzDDYcRd46B -8cp86Yxq7Th0Nbva3/m7wAk3tJZzgX0zGpg595NvlX89ubF1h7pRSOiLcD6VBMXY -tsMW2YiwsYcdcNqGtA8Ui3rPENF0NqISe3eGSnnme98CEWilToauNFibJBN4ViIl -HgGLS1Fx+4LMWZZpiFpoU8W5DQI3y0u8ZkqQfioLBQftFl9VkHXYRskbg+IIvvEj -zJkd1ioPgyAVWCeCLvriIsJJsbkBgWqdbZ1Ad2h2TiEqbYRAhU52mXyC8/O3AlnU -JgEbjt+tUwbRrhjd4rI6y9eIOI6sWym5GdOY+RgDz0iChmYLG2kPyes4iHomGgVM -ktck1JbyrFIto0fVUvY//s6EBnCmqj6i8rZWNBhXouSBbefK8GrTx5FrAoNBfBXv -a5pkXuPQPOWx63tdhvvL5ndJzaNl3Pe5nLjkC1+Tz8wwGjIczhxjlaX56uF0i57p -K6kwe6AYHw4YC+VbqdPRbB4HZ4+RS6mKvNJmqpMBiLKR+jFc1abBUggJzQpjotMi -puih2TkGl/VujQKQjBR7P4DNG5y6xFhyI6+2Vp/GekIzKQc/gsnmHwUNzUwoNovT -yD4cxojvXu6JZOkd69qJfjKmadHdzIif0dDJZiHcBmfFlHqabWJMfczgZICynkeO -owIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wDQYJKoZIhvcNAQEFBQADggIBADsC -jcs8MOhuoK3yc7NfniUTBAXT9uOLuwt5zlPe5JbF0a9zvNXD0EBVfEB/zRtfCdXy -fJ9oHbtdzno5wozWmHvFg1Wo1X1AyuAe94leY12hE8JdiraKfADzI8PthV9xdvBo -Y6pFITlIYXg23PFDk9Qlx/KAZeFTAnVR/Ho67zerhChXDNjU1JlWbOOi/lmEtDHo -M/hklJRRl6s5xUvt2t2AC298KQ3EjopyDedTFLJgQT2EkTFoPSdE2+Xe9PpjRchM -Ppj1P0G6Tss3DbpmmPHdy59c91Q2gmssvBNhl0L4eLvMyKKfyvBovWsdst+Nbwed -2o5nx0ceyrm/KkKRt2NTZvFCo+H0Wk1Ya7XkpDOtXHAd3ODy63MUkZoDweoAZbwH -/M8SESIsrqC9OuCiKthZ6SnTGDWkrBFfGbW1G/8iSlzGeuQX7yCpp/Q/rYqnmgQl -nQ7KN+ZQ/YxCKQSa7LnPS3K94gg2ryMvYuXKAdNw23yCIywWMQzGNgeQerEfZ1jE -O1hZibCMjFCz2IbLaKPECudpSyDOwR5WS5WpI2jYMNjD67BVUc3l/Su49bsRn1NU -9jQZjHkJNsphFyUXC4KYcwx3dMPVDceoEkzHp1RxRy4sGn3J4ys7SN4nhKdjNrN9 -j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr ------END CERTIFICATE-----
--- a/usr/src/cmd/cmd-crypto/etc/Makefile.ca-links Fri Sep 02 16:41:08 2011 -0700 +++ b/usr/src/cmd/cmd-crypto/etc/Makefile.ca-links Sat Sep 03 16:58:54 2011 -0400 @@ -64,7 +64,6 @@ DigiCert_Assured_ID_Root_CA.pem \ DigiCert_Global_Root_CA.pem \ DigiCert_High_Assurance_EV_Root_CA.pem \ - DigiNotar_Root_CA.pem \ Digital_Signature_Trust_Co._Global_CA_1.pem \ Digital_Signature_Trust_Co._Global_CA_2.pem \ Digital_Signature_Trust_Co._Global_CA_3.pem \
--- a/usr/src/pkg/manifests/crypto-ca-certificates.mf Fri Sep 02 16:41:08 2011 -0700 +++ b/usr/src/pkg/manifests/crypto-ca-certificates.mf Sat Sep 03 16:58:54 2011 -0400 @@ -69,7 +69,6 @@ file path=etc/certs/CA/DigiCert_Assured_ID_Root_CA.pem group=sys file path=etc/certs/CA/DigiCert_Global_Root_CA.pem group=sys file path=etc/certs/CA/DigiCert_High_Assurance_EV_Root_CA.pem group=sys -file path=etc/certs/CA/DigiNotar_Root_CA.pem group=sys file path=etc/certs/CA/Digital_Signature_Trust_Co._Global_CA_1.pem group=sys file path=etc/certs/CA/Digital_Signature_Trust_Co._Global_CA_2.pem group=sys file path=etc/certs/CA/Digital_Signature_Trust_Co._Global_CA_3.pem group=sys @@ -419,8 +418,6 @@ target=../../certs/CA/Entrust_Root_Certification_Authority.pem link path=etc/openssl/certs/bf87590f.0 \ target=../../certs/CA/beTRUSTed_Root_CA_-_RSA_Implementation.pem -link path=etc/openssl/certs/c0cafbd2.0 \ - target=../../certs/CA/DigiNotar_Root_CA.pem link path=etc/openssl/certs/c19d42c7.0 \ target=../../certs/CA/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem link path=etc/openssl/certs/c215bc69.0 \