freebsd-dev

d/freebsd-dev

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Evans	f27f39db77	[1/3] Initial infrastructure for SSL root bundle in base This setup will add the trusted certificates from the Mozilla NSS bundle to base. This commit includes: - CAROOT option to opt out of installation of certs - mtree amendments for final destinations - infrastructure to fetch/update certs, along with instructions A follow-up commit will add a certctl(8) utility to give the user control over trust specifics. Another follow-up commit will actually commit the initial result of updatecerts. This work was done primarily by allanjude@, with minor contributions by myself. No objection from: secteam Relnotes: yes Differential Revision: https://reviews.freebsd.org/D16856	2019-10-02 01:05:29 +00:00

Author

SHA1

Message

Date

Kyle Evans

f27f39db77

[1/3] Initial infrastructure for SSL root bundle in base

This setup will add the trusted certificates from the Mozilla NSS bundle
to base.

This commit includes:
- CAROOT option to opt out of installation of certs
- mtree amendments for final destinations
- infrastructure to fetch/update certs, along with instructions

A follow-up commit will add a certctl(8) utility to give the user control
over trust specifics. Another follow-up commit will actually commit the
initial result of updatecerts.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16856

2019-10-02 01:05:29 +00:00

1 Commits