Fix accidental breakage of anchors
This commit is contained in:
parent
eb574a7166
commit
d342d6f51a
@ -6,6 +6,8 @@
|
||||
certificate stores - only the trust store and NSSDB are distributed
|
||||
- Added "Wants=network-online.target" to update-pki.service - Thanks to
|
||||
Brendan L for the fix
|
||||
- No longer generate Java p12 format cacerts
|
||||
- Create Redhat compatibility link for external programs to PEM bundle
|
||||
0.8 - Use 'openssl rehash' instead of c-rehash script
|
||||
0.7 - Generate both PKCS#12 and JKS stores for Java
|
||||
- Local certs keep out of band trust when copied to system certs
|
||||
|
9
make-ca
Normal file → Executable file
9
make-ca
Normal file → Executable file
@ -527,6 +527,11 @@ for tempfile in ${TEMPDIR}/certs/*.tmp; do
|
||||
"${tempfile}") | "${OPENSSL}" x509 -text -inform DER -fingerprint \
|
||||
> tempfile.crt
|
||||
|
||||
# Get individual values for certificates
|
||||
certkey="$(${OPENSSL} x509 -in tempfile.crt -noout -pubkey)"
|
||||
certcer="$(${OPENSSL} x509 -in tempfile.crt)"
|
||||
certtxt="$(${OPENSSL} x509 -in tempfile.crt -noout -text)"
|
||||
|
||||
# Get p11-kit label, oid, and values
|
||||
p11label="$(grep -m1 "Issuer" ${tempfile} | grep -o CN=.*$ | \
|
||||
cut -d ',' -f 1 | sed 's@CN=@@')"
|
||||
@ -662,6 +667,10 @@ if test -d "${LOCALDIR}"; then
|
||||
if test "${catrust}" == ""; then catrust=$(echo "${rejectlist}" | \
|
||||
grep "Client Auth" 2>&1> /dev/null && echo "p"); fi
|
||||
|
||||
# Get individual values for certificates
|
||||
certkey="$(${OPENSSL} x509 -in ${cert} -noout -pubkey)"
|
||||
certcer="$(${OPENSSL} x509 -in ${cert})"
|
||||
certtxt="$(${OPENSSL} x509 -in ${cert} -noout -text)"
|
||||
|
||||
# Place certificate into trust anchors dir
|
||||
p11label="$(grep -m1 "Issuer" ${cert} | grep -o CN=.*$ | \
|
||||
|
Loading…
Reference in New Issue
Block a user