Prev: Montreal wins Grey Cup 28-27
Next: New search engine
From: Robby Workman on 3 Dec 2009 00:17
On 2009-12-02, Manuel Reimer <mreimer(a)expires-31-12-2009.news-group.org> wrote:
> Robby Workman wrote:
>> http://slackware.com/~rworkman/ca-certificates/
>
> Thanks. Yesterday, some time after I noticed where I may find the root
> certificates, I also wrote a small SlackBuild, but mine just gets the
> certificates from mozilla.org and packages them right into
> /etc/ssl/certs.
>
> This worked for me. Maybe I should post this to slackbuilds.org?


Well, I guess I can do that; I was hesitating because I wasn't sure if
it was something that we actually needed in Slackware proper. I don't
recall now what you said needed it, so what was it?

-RW
From: Manuel Reimer on 3 Dec 2009 01:23
Robby Workman wrote:
> Well, I guess I can do that; I was hesitating because I wasn't sure if
> it was something that we actually needed in Slackware proper. I don't
> recall now what you said needed it, so what was it?

A self written perl software, I use to "remote control" a silly
webinterface, I have to use regularly. I needed the root certificates
somewhere to use it while communicating with the remote HTTPS server.

If you want to have a look at my SlackBuild, I could publish this
somewhere. My solution is much simpler, but worked for my usecase. My
"source" is this file:

http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1

Anything, I do, is to translate this to pm-files and place them to
etc/ssl/certs in the resulting package. For this translation, I use the
ruby script, which can be found in the debian package. This works for
most HTTPS servers on the web. I don't know what the additional
certificates in this debian package are for and I don't know if I want
to trust them.

IMHO Mozilla has a pretty good policy for accepting new root
certificates.

CU

Manuel

First  |  Prev  | 
Pages: 1 2
Prev: Montreal wins Grey Cup 28-27
Next: New search engine