Package ca-certificates: Specfile
Name: ca-certificates Version: 2021.10.06 Release: alt0.M80P.1 Summary: Common CA Certificates License: MPL/GPL/LGPL Group: System/Base BuildArch: noarch Source0: mozilla.tar Source1: alt.tar BuildRequires: openssl %description This package contains a bundle of X.509 certificates of public Certificate Authorities (CA). This is useful for any applications to verify SSL/TLS connection. Note that certificate authorities whose certificates are included in this package are not in any way audited for trustworthiness and RFC3647 compliance, and that full responsibility to assess them rests with the user. %prep %setup -c -a1 patch -p1 < mozilla/mk-ca-bundle.patch %build export TZ=UTC pushd mozilla ./mk-ca-bundle.pl -t crt popd pushd alt for t in alt; do printf '#\n# %%s\n#\n\n' 'ALT CA' openssl x509 -sha256 -in $t.crt -text -fingerprint printf '\n\n' done >crt popd cat {mozilla,alt}/crt >ca-bundle.crt %install install -pDm644 ca-bundle.crt %buildroot%_datadir/%name/ca-bundle.crt mkdir -p %{buildroot}%_sysconfdir/pki/tls/certs ln -s %_datadir/%name/ca-bundle.crt %{buildroot}%_sysconfdir/pki/tls/certs %files %dir %_sysconfdir/pki/tls %dir %_sysconfdir/pki/tls/certs %_sysconfdir/pki/tls/certs/* %_datadir/%name %changelog * Tue Apr 12 2022 Vitaly Lipatov <lav@altlinux.ru> 2021.10.06-alt0.M80P.1 - sync to ALT p9 version (fix support Let's Encrypt certificates) - mozilla: sync with nss-3.71 * Wed May 04 2016 L.A. Kostis <lakostis@altlinux.ru> 2016.02.25-alt1 - mozilla: updated to February 2016 batch root CA changes. (#bmo 1247990). * Sun Feb 14 2016 L.A. Kostis <lakostis@altlinux.ru> 2015.10.29-alt1 - mozilla: updated to October 2015 batch root CA changes (#bmo 1214729). - added /etc/pki/tls/certs dir (closes: #31213). * Fri Aug 28 2015 L.A. Kostis <lakostis@altlinux.ru> 2015.08.04-alt1 - mozilla/certdata.txt: updated ca-certificates to v2.5. - mozilla/mk-ca-bundle.pl: + updated to v1.25. + use SHA256 for fingerprint. + remove MD5 from valid cert signature list. - remove cacert (untrusted signature). * Wed Feb 08 2012 Dmitry V. Levin <ldv@altlinux.org> 2012.01.17-alt1 - mozilla/certdata.txt: updated to revision 1.81. - Filtered out untrusted certs from mozilla bundle (closes: #26904). * Thu Nov 10 2011 Dmitry V. Levin <ldv@altlinux.org> 2011.11.03-alt1 - mozilla/certdata.txt: updated to revision 1.80. * Fri Sep 02 2011 Dmitry V. Levin <ldv@altlinux.org> 2011.09.02-alt1 - mozilla/certdata.txt: updated to revision 1.78. * Thu Sep 30 2010 Dmitry V. Levin <ldv@altlinux.org> 2010.08.27-alt1 - mozilla/certdata.txt: Updated to revision 1.65. * Sun Apr 05 2009 Dmitry V. Levin <ldv@altlinux.org> 2009.01.15-alt1 - cacert.org: Added http://www.cacert.org/certs/root.crt (closes: #14119). - mozilla/certdata.txt: Updated to revision 1.51 (closes: #19484). * Tue Feb 06 2007 Dmitry V. Levin <ldv@altlinux.org> 2007.02.06-alt1 - Imported a bundle of X.509 certificates of public Certificate Authorities (CA) from openssl package to this package. - Updated Mozilla's root CA list. - Added ALT Root CA. - Added cacert.org Root CA. |