[Bug 268841] security/p11-kit: Use base system root certificates
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 09 Jan 2023 13:23:48 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268841 Bug ID: 268841 Summary: security/p11-kit: Use base system root certificates Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: needs-qa Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: novel@FreeBSD.org Reporter: tijl@FreeBSD.org Assignee: novel@FreeBSD.org Flags: maintainer-feedback?(novel@FreeBSD.org) Created attachment 239361 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=239361&action=edit patch Drop dependency on ca_root_nss and use base system root certificates instead. This allows users to add their own certificates. trust_paths now points to a directory and that directory contains "anchors" and "blocklist" symlinks pointing to the base system certificate directories. This is based on the documentation from https://p11-glue.github.io/p11-glue/p11-kit/manual/trust-module.html. The list of certificates known to p11-kit can be verified by running "trust list". -- You are receiving this mail because: You are the assignee for the bug.