rpms/ca-certificates/devel ca-bundle.crt, NONE, 1.1 ca-certificates.spec, NONE, 1.1 generate-cacerts.pl, NONE, 1.1 mkcabundle.pl, NONE, 1.1
Joe Orton (jorton)
fedora-extras-commits at redhat.com
Mon Jun 2 08:48:12 UTC 2008
Author: jorton
Update of /cvs/extras/rpms/ca-certificates/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25785/devel
Added Files:
ca-bundle.crt ca-certificates.spec generate-cacerts.pl
mkcabundle.pl
Log Message:
Import ca-certificates 2008-4.
--- NEW FILE ca-bundle.crt ---
# This is a bundle of X.509 certificates of public Certificate
# Authorities. It was generated from the Mozilla root CA list.
#
# Source: mozilla/security/nss/lib/ckfw/builtins/certdata.txt
#
# Generated from certdata.txt RCS revision 1.48
#
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
Signature Algorithm: md2WithRSAEncryption
Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Validity
Not Before: Nov 9 00:00:00 1994 GMT
Not After : Jan 7 23:59:59 2010 GMT
Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1000 bit)
Modulus (1000 bit):
00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
dd:2d:d6:c8:1e:7b
Exponent: 65537 (0x10001)
Signature Algorithm: md2WithRSAEncryption
65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
SHA1 Fingerprint=44:63:C5:31:D7:CC:C1:00:67:94:61:2B:B6:56:D3:BF:82:57:84:6F
-----BEGIN CERTIFICATE-----
MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 419 (0x1a3)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
Validity
Not Before: Feb 23 23:01:00 1996 GMT
Not After : Feb 23 23:59:00 2006 GMT
Subject: C=US, O=GTE Corporation, CN=GTE CyberTrust Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:b8:e6:4f:ba:db:98:7c:71:7c:af:44:b7:d3:0f:
46:d9:64:e5:93:c1:42:8e:c7:ba:49:8d:35:2d:7a:
e7:8b:bd:e5:05:31:59:c6:b1:2f:0a:0c:fb:9f:a7:
3f:a2:09:66:84:56:1e:37:29:1b:87:e9:7e:0c:ca:
9a:9f:a5:7f:f5:15:94:a3:d5:a2:46:82:d8:68:4c:
d1:37:15:06:68:af:bd:f8:b0:b3:f0:29:f5:95:5a:
09:16:61:77:0a:22:25:d4:4f:45:aa:c7:bd:e5:96:
df:f9:d4:a8:8e:42:cc:24:c0:1e:91:27:4a:b5:6d:
06:80:63:39:c4:a2:5e:38:03
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
12:b3:75:c6:5f:1d:e1:61:55:80:00:d4:81:4b:7b:31:0f:23:
63:e7:3d:f3:03:f9:f4:36:a8:bb:d9:e3:a5:97:4d:ea:2b:29:
e0:d6:6a:73:81:e6:c0:89:a3:d3:f1:e0:a5:a5:22:37:9a:63:
c2:48:20:b4:db:72:e3:c8:f6:d9:7c:be:b1:af:53:da:14:b4:
21:b8:d6:d5:96:e3:fe:4e:0c:59:62:b6:9a:4a:f9:42:dd:8c:
6f:81:a9:71:ff:f4:0a:72:6d:6d:44:0e:9d:f3:74:74:a8:d5:
34:49:e9:5e:9e:e9:b4:7a:e1:e5:5a:1f:84:30:9c:d3:9f:a5:
25:d8
SHA1 Fingerprint=90:DE:DE:9E:4C:4E:9F:6F:D8:86:17:57:9D:D3:91:BC:65:A6:89:64
-----BEGIN CERTIFICATE-----
MIIB+jCCAWMCAgGjMA0GCSqGSIb3DQEBBAUAMEUxCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9HVEUgQ29ycG9yYXRpb24xHDAaBgNVBAMTE0dURSBDeWJlclRydXN0IFJv
b3QwHhcNOTYwMjIzMjMwMTAwWhcNMDYwMjIzMjM1OTAwWjBFMQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
cnVzdCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC45k+625h8cXyv
RLfTD0bZZOWTwUKOx7pJjTUteueLveUFMVnGsS8KDPufpz+iCWaEVh43KRuH6X4M
ypqfpX/1FZSj1aJGgthoTNE3FQZor734sLPwKfWVWgkWYXcKIiXUT0Wqx73llt/5
1KiOQswkwB6RJ0q1bQaAYznEol44AwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABKz
dcZfHeFhVYAA1IFLezEPI2PnPfMD+fQ2qLvZ46WXTeorKeDWanOB5sCJo9Px4KWl
IjeaY8JIILTbcuPI9tl8vrGvU9oUtCG41tWW4/5ODFlitppK+ULdjG+BqXH/9Apy
bW1EDp3zdHSo1TRJ6V6e6bR64eVaH4QwnNOfpSXY
-----END CERTIFICATE-----
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 421 (0x1a5)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
Validity
Not Before: Aug 13 00:29:00 1998 GMT
Not After : Aug 13 23:59:00 2018 GMT
Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:95:0f:a0:b6:f0:50:9c:e8:7a:c7:88:cd:dd:17:
0e:2e:b0:94:d0:1b:3d:0e:f6:94:c0:8a:94:c7:06:
c8:90:97:c8:b8:64:1a:7a:7e:6c:3c:53:e1:37:28:
73:60:7f:b2:97:53:07:9f:53:f9:6d:58:94:d2:af:
8d:6d:88:67:80:e6:ed:b2:95:cf:72:31:ca:a5:1c:
72:ba:5c:02:e7:64:42:e7:f9:a9:2c:d6:3a:0d:ac:
8d:42:aa:24:01:39:e6:9c:3f:01:85:57:0d:58:87:
45:f8:d3:85:aa:93:69:26:85:70:48:80:3f:12:15:
c7:79:b4:1f:05:2f:3b:62:99
Exponent: 65537 (0x10001)
Signature Algorithm: md5WithRSAEncryption
6d:eb:1b:09:e9:5e:d9:51:db:67:22:61:a4:2a:3c:48:77:e3:
a0:7c:a6:de:73:a2:14:03:85:3d:fb:ab:0e:30:c5:83:16:33:
81:13:08:9e:7b:34:4e:df:40:c8:74:d7:b9:7d:dc:f4:76:55:
7d:9b:63:54:18:e9:f0:ea:f3:5c:b1:d9:8b:42:1e:b9:c0:95:
4e:ba:fa:d5:e2:7c:f5:68:61:bf:8e:ec:05:97:5f:5b:b0:d7:
a3:85:34:c4:24:a7:0d:0f:95:93:ef:cb:94:d8:9e:1f:9d:5c:
85:6d:c7:aa:ae:4f:1f:22:b5:cd:95:ad:ba:a7:cc:f9:ab:0b:
7a:7f
SHA1 Fingerprint=97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
-----BEGIN CERTIFICATE-----
MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/emailAddress=personal-basic at thawte.com
Validity
Not Before: Jan 1 00:00:00 1996 GMT
Not After : Dec 31 23:59:59 2020 GMT
Subject: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division, CN=Thawte Personal Basic CA/emailAddress=personal-basic at thawte.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:bc:bc:93:53:6d:c0:50:4f:82:15:e6:48:94:35:
a6:5a:be:6f:42:fa:0f:47:ee:77:75:72:dd:8d:49:
9b:96:57:a0:78:d4:ca:3f:51:b3:69:0b:91:76:17:
22:07:97:6a:c4:51:93:4b:e0:8d:ef:37:95:a1:0c:
4d:da:34:90:1d:17:89:97:e0:35:38:57:4a:c0:f4:
08:70:e9:3c:44:7b:50:7e:61:9a:90:e3:23:d3:88:
11:46:27:f5:0b:07:0e:bb:dd:d1:7f:20:0a:88:b9:
56:0b:2e:1c:80:da:f1:e3:9e:29:ef:14:bd:0a:44:
fb:1b:5b:18:d1:bf:23:93:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
2d:e2:99:6b:b0:3d:7a:89:d7:59:a2:94:01:1f:2b:dd:12:4b:
53:c2:ad:7f:aa:a7:00:5c:91:40:57:25:4a:38:aa:84:70:b9:
d9:80:0f:a5:7b:5c:fb:73:c6:bd:d7:8a:61:5c:03:e3:2d:27:
a8:17:e0:84:85:42:dc:5e:9b:c6:b7:b2:6d:bb:74:af:e4:3f:
cb:a7:b7:b0:e0:5d:be:78:83:25:94:d2:db:81:0f:79:07:6d:
4f:f4:39:15:5a:52:01:7b:de:32:d6:4d:38:f6:12:5c:06:50:
df:05:5b:bd:14:4b:a1:df:29:ba:3b:41:8d:f7:63:56:a1:df:
22:b1
SHA1 Fingerprint=40:E7:8C:1D:52:3D:1C:D9:95:4F:AC:1A:1A:B3:BD:3C:BA:A1:5B:FC
-----BEGIN CERTIFICATE-----
MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
[...10226 lines suppressed...]
Not After : Mar 31 18:19:21 2025 GMT
Subject: C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info at diginotar.nl
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (4096 bit)
Modulus (4096 bit):
00:ac:b0:58:c1:00:bd:d8:21:08:0b:2b:9a:fe:6e:
56:30:05:9f:1b:77:90:10:41:5c:c3:0d:87:11:77:
8e:81:f1:ca:7c:e9:8c:6a:ed:38:74:35:bb:da:df:
f9:bb:c0:09:37:b4:96:73:81:7d:33:1a:98:39:f7:
93:6f:95:7f:3d:b9:b1:75:87:ba:51:48:e8:8b:70:
3e:95:04:c5:d8:b6:c3:16:d9:88:b0:b1:87:1d:70:
da:86:b4:0f:14:8b:7a:cf:10:d1:74:36:a2:12:7b:
77:86:4a:79:e6:7b:df:02:11:68:a5:4e:86:ae:34:
58:9b:24:13:78:56:22:25:1e:01:8b:4b:51:71:fb:
82:cc:59:96:69:88:5a:68:53:c5:b9:0d:02:37:cb:
4b:bc:66:4a:90:7e:2a:0b:05:07:ed:16:5f:55:90:
75:d8:46:c9:1b:83:e2:08:be:f1:23:cc:99:1d:d6:
2a:0f:83:20:15:58:27:82:2e:fa:e2:22:c2:49:b1:
b9:01:81:6a:9d:6d:9d:40:77:68:76:4e:21:2a:6d:
84:40:85:4e:76:99:7c:82:f3:f3:b7:02:59:d4:26:
01:1b:8e:df:ad:53:06:d1:ae:18:dd:e2:b2:3a:cb:
d7:88:38:8e:ac:5b:29:b9:19:d3:98:f9:18:03:cf:
48:82:86:66:0b:1b:69:0f:c9:eb:38:88:7a:26:1a:
05:4c:92:d7:24:d4:96:f2:ac:52:2d:a3:47:d5:52:
f6:3f:fe:ce:84:06:70:a6:aa:3e:a2:f2:b6:56:34:
18:57:a2:e4:81:6d:e7:ca:f0:6a:d3:c7:91:6b:02:
83:41:7c:15:ef:6b:9a:64:5e:e3:d0:3c:e5:b1:eb:
7b:5d:86:fb:cb:e6:77:49:cd:a3:65:dc:f7:b9:9c:
b8:e4:0b:5f:93:cf:cc:30:1a:32:1c:ce:1c:63:95:
a5:f9:ea:e1:74:8b:9e:e9:2b:a9:30:7b:a0:18:1f:
0e:18:0b:e5:5b:a9:d3:d1:6c:1e:07:67:8f:91:4b:
a9:8a:bc:d2:66:aa:93:01:88:b2:91:fa:31:5c:d5:
a6:c1:52:08:09:cd:0a:63:a2:d3:22:a6:e8:a1:d9:
39:06:97:f5:6e:8d:02:90:8c:14:7b:3f:80:cd:1b:
9c:ba:c4:58:72:23:af:b6:56:9f:c6:7a:42:33:29:
07:3f:82:c9:e6:1f:05:0d:cd:4c:28:36:8b:d3:c8:
3e:1c:c6:88:ef:5e:ee:89:64:e9:1d:eb:da:89:7e:
32:a6:69:d1:dd:cc:88:9f:d1:d0:c9:66:21:dc:06:
67:c5:94:7a:9a:6d:62:4c:7d:cc:e0:64:80:b2:9e:
47:8e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
88:68:BF:E0:8E:35:C4:3B:38:6B:62:F7:28:3B:84:81:C8:0C:D7:4D
Signature Algorithm: sha1WithRSAEncryption
3b:02:8d:cb:3c:30:e8:6e:a0:ad:f2:73:b3:5f:9e:25:13:04:
05:d3:f6:e3:8b:bb:0b:79:ce:53:de:e4:96:c5:d1:af:73:bc:
d5:c3:d0:40:55:7c:40:7f:cd:1b:5f:09:d5:f2:7c:9f:68:1d:
bb:5d:ce:7a:39:c2:8c:d6:98:7b:c5:83:55:a8:d5:7d:40:ca:
e0:1e:f7:89:5e:63:5d:a1:13:c2:5d:8a:b6:8a:7c:00:f3:23:
c3:ed:85:5f:71:76:f0:68:63:aa:45:21:39:48:61:78:36:dc:
f1:43:93:d4:25:c7:f2:80:65:e1:53:02:75:51:fc:7a:3a:ef:
37:ab:84:28:57:0c:d8:d4:d4:99:56:6c:e3:a2:fe:59:84:b4:
31:e8:33:f8:64:94:94:51:97:ab:39:c5:4b:ed:da:dd:80:0b:
6f:7c:29:0d:c4:8e:8a:72:0d:e7:53:14:b2:60:41:3d:84:91:
31:68:3d:27:44:db:e5:de:f4:fa:63:45:c8:4c:3e:98:f5:3f:
41:ba:4e:cb:37:0d:ba:66:98:f1:dd:cb:9f:5c:f7:54:36:82:
6b:2c:bc:13:61:97:42:f8:78:bb:cc:c8:a2:9f:ca:f0:68:bd:
6b:1d:b2:df:8d:6f:07:9d:da:8e:67:c7:47:1e:ca:b9:bf:2a:
42:91:b7:63:53:66:f1:42:a3:e1:f4:5a:4d:58:6b:b5:e4:a4:
33:ad:5c:70:1d:dc:e0:f2:eb:73:14:91:9a:03:c1:ea:00:65:
bc:07:fc:cf:12:11:22:2c:ae:a0:bd:3a:e0:a2:2a:d8:59:e9:
29:d3:18:35:a4:ac:11:5f:19:b5:b5:1b:ff:22:4a:5c:c6:7a:
e4:17:ef:20:a9:a7:f4:3f:ad:8a:a7:9a:04:25:9d:0e:ca:37:
e6:50:fd:8c:42:29:04:9a:ec:b9:cf:4b:72:bd:e2:08:36:af:
23:2f:62:e5:ca:01:d3:70:db:7c:82:23:2c:16:31:0c:c6:36:
07:90:7a:b1:1f:67:58:c4:3b:58:59:89:b0:8c:8c:50:b3:d8:
86:cb:68:a3:c4:0a:e7:69:4b:20:ce:c1:1e:56:4b:95:a9:23:
68:d8:30:d8:c3:eb:b0:55:51:cd:e5:fd:2b:b8:f5:bb:11:9f:
53:54:f6:34:19:8c:79:09:36:ca:61:17:25:17:0b:82:98:73:
0c:77:74:c3:d5:0d:c7:a8:12:4c:c7:a7:54:71:47:2e:2c:1a:
7d:c9:e3:2b:3b:48:de:27:84:a7:63:36:b3:7d:8f:a0:64:39:
24:0d:3d:7b:87:af:66:5c:74:1b:4b:73:b2:e5:8c:f0:86:99:
b8:e5:c5:df:84:c1:b7:eb
SHA1 Fingerprint=C0:60:ED:44:CB:D8:81:BD:0E:F8:6C:0B:A2:87:DD:CF:81:67:47:8C
-----BEGIN CERTIFICATE-----
MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBf
MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
Tm90YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmww
HhcNMDcwNTE2MTcxOTM2WhcNMjUwMzMxMTgxOTIxWjBfMQswCQYDVQQGEwJOTDES
MBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90YXIgUm9vdCBDQTEg
MB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCssFjBAL3YIQgLK5r+blYwBZ8bd5AQQVzDDYcRd46B
8cp86Yxq7Th0Nbva3/m7wAk3tJZzgX0zGpg595NvlX89ubF1h7pRSOiLcD6VBMXY
tsMW2YiwsYcdcNqGtA8Ui3rPENF0NqISe3eGSnnme98CEWilToauNFibJBN4ViIl
HgGLS1Fx+4LMWZZpiFpoU8W5DQI3y0u8ZkqQfioLBQftFl9VkHXYRskbg+IIvvEj
zJkd1ioPgyAVWCeCLvriIsJJsbkBgWqdbZ1Ad2h2TiEqbYRAhU52mXyC8/O3AlnU
JgEbjt+tUwbRrhjd4rI6y9eIOI6sWym5GdOY+RgDz0iChmYLG2kPyes4iHomGgVM
ktck1JbyrFIto0fVUvY//s6EBnCmqj6i8rZWNBhXouSBbefK8GrTx5FrAoNBfBXv
a5pkXuPQPOWx63tdhvvL5ndJzaNl3Pe5nLjkC1+Tz8wwGjIczhxjlaX56uF0i57p
K6kwe6AYHw4YC+VbqdPRbB4HZ4+RS6mKvNJmqpMBiLKR+jFc1abBUggJzQpjotMi
puih2TkGl/VujQKQjBR7P4DNG5y6xFhyI6+2Vp/GekIzKQc/gsnmHwUNzUwoNovT
yD4cxojvXu6JZOkd69qJfjKmadHdzIif0dDJZiHcBmfFlHqabWJMfczgZICynkeO
owIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
HQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wDQYJKoZIhvcNAQEFBQADggIBADsC
jcs8MOhuoK3yc7NfniUTBAXT9uOLuwt5zlPe5JbF0a9zvNXD0EBVfEB/zRtfCdXy
fJ9oHbtdzno5wozWmHvFg1Wo1X1AyuAe94leY12hE8JdiraKfADzI8PthV9xdvBo
Y6pFITlIYXg23PFDk9Qlx/KAZeFTAnVR/Ho67zerhChXDNjU1JlWbOOi/lmEtDHo
M/hklJRRl6s5xUvt2t2AC298KQ3EjopyDedTFLJgQT2EkTFoPSdE2+Xe9PpjRchM
Ppj1P0G6Tss3DbpmmPHdy59c91Q2gmssvBNhl0L4eLvMyKKfyvBovWsdst+Nbwed
2o5nx0ceyrm/KkKRt2NTZvFCo+H0Wk1Ya7XkpDOtXHAd3ODy63MUkZoDweoAZbwH
/M8SESIsrqC9OuCiKthZ6SnTGDWkrBFfGbW1G/8iSlzGeuQX7yCpp/Q/rYqnmgQl
nQ7KN+ZQ/YxCKQSa7LnPS3K94gg2ryMvYuXKAdNw23yCIywWMQzGNgeQerEfZ1jE
O1hZibCMjFCz2IbLaKPECudpSyDOwR5WS5WpI2jYMNjD67BVUc3l/Su49bsRn1NU
9jQZjHkJNsphFyUXC4KYcwx3dMPVDceoEkzHp1RxRy4sGn3J4ys7SN4nhKdjNrN9
j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:cb:33:6f:c2:5c:16:e6:47:16:17:e3:90:31:68:e0
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
Validity
Not Before: Dec 1 00:00:00 2006 GMT
Not After : Dec 31 23:59:59 2029 GMT
Subject: C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:e4:bc:7e:92:30:6d:c6:d8:8e:2b:0b:bc:46:ce:
e0:27:96:de:de:f9:fa:12:d3:3c:33:73:b3:04:2f:
bc:71:8c:e5:9f:b6:22:60:3e:5f:5d:ce:09:ff:82:
0c:1b:9a:51:50:1a:26:89:dd:d5:61:5d:19:dc:12:
0f:2d:0a:a2:43:5d:17:d0:34:92:20:ea:73:cf:38:
2c:06:26:09:7a:72:f7:fa:50:32:f8:c2:93:d3:69:
a2:23:ce:41:b1:cc:e4:d5:1f:36:d1:8a:3a:f8:8c:
63:e2:14:59:69:ed:0d:d3:7f:6b:e8:b8:03:e5:4f:
6a:e5:98:63:69:48:05:be:2e:ff:33:b6:e9:97:59:
69:f8:67:19:ae:93:61:96:44:15:d3:72:b0:3f:bc:
6a:7d:ec:48:7f:8d:c3:ab:aa:71:2b:53:69:41:53:
34:b5:b0:b9:c5:06:0a:c4:b0:45:f5:41:5d:6e:89:
45:7b:3d:3b:26:8c:74:c2:e5:d2:d1:7d:b2:11:d4:
fb:58:32:22:9a:80:c9:dc:fd:0c:e9:7f:5e:03:97:
ce:3b:00:14:87:27:70:38:a9:8e:6e:b3:27:76:98:
51:e0:05:e3:21:ab:1a:d5:85:22:3c:29:b5:9a:16:
c5:80:a8:f4:bb:6b:30:8f:2f:46:02:a2:b1:0c:22:
e0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:30:C9:FB:00:D7:4E:98:DA:87:AA:2A:D0:A7:2E:B1:40:31:A7:4C
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
URI:http://crl.netsolssl.com/NetworkSolutionsCertificateAuthority.crl
Signature Algorithm: sha1WithRSAEncryption
bb:ae:4b:e7:b7:57:eb:7f:aa:2d:b7:73:47:85:6a:c1:e4:a5:
1d:e4:e7:3c:e9:f4:59:65:77:b5:7a:5b:5a:8d:25:36:e0:7a:
97:2e:38:c0:57:60:83:98:06:83:9f:b9:76:7a:6e:50:e0:ba:
88:2c:fc:45:cc:18:b0:99:95:51:0e:ec:1d:b8:88:ff:87:50:
1c:82:c2:e3:e0:32:80:bf:a0:0b:47:c8:c3:31:ef:99:67:32:
80:4f:17:21:79:0c:69:5c:de:5e:34:ae:02:b5:26:ea:50:df:
7f:18:65:2c:c9:f2:63:e1:a9:07:fe:7c:71:1f:6b:33:24:6a:
1e:05:f7:05:68:c0:6a:12:cb:2e:5e:61:cb:ae:28:d3:7e:c2:
b4:66:91:26:5f:3c:2e:24:5f:cb:58:0f:eb:28:ec:af:11:96:
f3:dc:7b:6f:c0:a7:88:f2:53:77:b3:60:5e:ae:ae:28:da:35:
2c:6f:34:45:d3:26:e1:de:ec:5b:4f:27:6b:16:7c:bd:44:04:
18:82:b3:89:79:17:10:71:3d:7a:a2:16:4e:f5:01:cd:a4:6c:
65:68:a1:49:76:5c:43:c9:d8:bc:36:67:6c:a5:94:b5:d4:cc:
b9:bd:6a:35:56:21:de:d8:c3:eb:fb:cb:a4:60:4c:b0:55:a0:
a0:7b:57:b2
SHA1 Fingerprint=74:F8:A3:C3:EF:E7:B3:90:06:4B:83:90:3C:21:64:60:20:E5:DF:CE
-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi
MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu
MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV
UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO
ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz
c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP
OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl
mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF
BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4
qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw
gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB
BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu
bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp
dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8
6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/
h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH
/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv
wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
-----END CERTIFICATE-----
--- NEW FILE ca-certificates.spec ---
### Note that mkcabundle.pl is used to generate ca-bundle.crt
### before generating a source RPM, and is not used during the
### build.
%define pkidir %{_sysconfdir}/pki
Summary: The Mozilla CA root certificate bundle
Name: ca-certificates
Version: 2008
Release: 4
License: Public Domain
Group: System Environment/Base
URL: http://www.mozilla.org/
Source0: ca-bundle.crt
Source1: generate-cacerts.pl
Source2: mkcabundle.pl
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: perl, java-openjdk
BuildArch: noarch
%description
This package contains the set of CA certificates chosen by the
Mozilla Foundation for use with the Internet PKI.
%prep
rm -rf %{name}
mkdir %{name}
%build
pushd %{name}
%{__perl} %{SOURCE1} %{_bindir}/keytool %{SOURCE0}
touch -r %{SOURCE0} cacerts
popd
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT{%{pkidir}/tls/certs,%{pkidir}/java}
install -p -m 644 %{SOURCE0} $RPM_BUILD_ROOT%{pkidir}/tls/certs/ca-bundle.crt
# Install Java cacerts file.
mkdir -p -m 700 $RPM_BUILD_ROOT%{pkidir}/java
install -p -m 644 %{name}/cacerts $RPM_BUILD_ROOT%{pkidir}/java/
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%dir %{pkidir}/java
%config(noreplace) %{pkidir}/java/cacerts
%dir %{pkidir}/tls
%dir %{pkidir}/tls/certs
%config(noreplace) %{pkidir}/tls/certs/ca-bundle.crt
%changelog
* Tue May 27 2008 Joe Orton <jorton at redhat.com> 2008-4
- use package name for temp dir, recreate it in prep
* Tue May 27 2008 Joe Orton <jorton at redhat.com> 2008-3
- fix source script perms
- mark packaged files as config(noreplace)
* Tue May 27 2008 Joe Orton <jorton at redhat.com> 2008-2
- add (but don't use) mkcabundle.pl
- tweak description
- use /usr/bin/keytool directly; BR java-openjdk
* Tue May 27 2008 Joe Orton <jorton at redhat.com> 2008-1
- Initial build (#448497)
--- NEW FILE generate-cacerts.pl ---
#!/usr/bin/perl
# Copyright (C) 2007, 2008 Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# generate-cacerts.pl generates a JKS keystore named 'cacerts' from
# OpenSSL's certificate bundle using OpenJDK's keytool.
# First extract each of OpenSSL's bundled certificates into its own
# aliased filename.
$file = $ARGV[1];
open(CERTS, $file);
@certs = <CERTS>;
close(CERTS);
$pem_file_number = 0;
$writing_cert = 0;
foreach $cert (@certs)
{
if ($cert eq "-----BEGIN CERTIFICATE-----\n")
{
if ($writing_cert != 0)
{
die "$file is malformed.";
}
$pem_file_number++;
# Numbering each file guarantees that cert aliases will be
# unique.
$pem_file_name = "$pem_file_number$cert_alias.pem";
$writing_cert = 1;
open(PEM, ">$pem_file_name");
print PEM $cert;
}
elsif ($cert eq "-----END CERTIFICATE-----\n")
{
$writing_cert = 0;
print PEM $cert;
close(PEM);
}
elsif ($cert =~ /Issuer: /)
{
# Generate an alias using the OU and CN attributes of the
# Issuer field if both are present, otherwise use only the CN
# attribute. The Issuer field must have either the OU or the
# CN attribute.
$_ = $cert;
if ($cert =~ /OU=/)
{
s/Issuer:.*?OU=//;
# Remove other occurrences of OU=.
s/OU=.*CN=//;
# Remove CN= if there were not other occurrences of OU=.
s/CN=//;
}
elsif ($cert =~ /CN=/)
{
s/Issuer:.*CN=//;
}
s/\W//g;
tr/A-Z/a-z/;
$cert_alias = $_
}
else
{
if ($writing_cert == 1)
{
print PEM $cert;
}
}
}
# Check that the correct number of .pem files were produced.
@pem_files = <*.pem>;
if (@pem_files != $pem_file_number)
{
die "Number of .pem files produced does not match".
" number of certs read from $file.";
}
# Now store each cert in the 'cacerts' file using keytool.
$certs_written_count = 0;
foreach $pem_file (@pem_files)
{
system "yes | $ARGV[0] -import".
" -alias `basename $pem_file .pem`".
" -keystore cacerts -storepass 'changeit' -file $pem_file";
unlink($pem_file);
$certs_written_count++;
}
# Check that the correct number of certs were added to the keystore.
if ($certs_written_count != $pem_file_number)
{
die "Number of certs added to keystore does not match".
" number of certs read from $file.";
}
--- NEW FILE mkcabundle.pl ---
#!/usr/bin/perl -w
#
# Used to regenerate ca-bundle.crt from the Mozilla certdata.txt.
# Run as ./mkcabundle.pl > ca-bundle.crt
#
my $cvsroot = ':pserver:anonymous at cvs-mirror.mozilla.org:/cvsroot';
my $certdata = 'mozilla/security/nss/lib/ckfw/builtins/certdata.txt';
open(IN, "cvs -d $cvsroot co -p $certdata|")
|| die "could not check out certdata.txt";
my $incert = 0;
print<<EOH;
# This is a bundle of X.509 certificates of public Certificate
# Authorities. It was generated from the Mozilla root CA list.
#
# Source: $certdata
#
EOH
while (<IN>) {
if (/^CKA_VALUE MULTILINE_OCTAL/) {
$incert = 1;
open(OUT, "|openssl x509 -text -inform DER -fingerprint")
|| die "could not pipe to openssl x509";
} elsif (/^END/ && $incert) {
close(OUT);
$incert = 0;
print "\n\n";
} elsif ($incert) {
my @bs = split(/\\/);
foreach my $b (@bs) {
chomp $b;
printf(OUT "%c", oct($b)) unless $b eq '';
}
} elsif (/^CVS_ID.*Revision: ([^ ]*).*/) {
print "# Generated from certdata.txt RCS revision $1\n#\n";
}
}
More information about the fedora-extras-commits
mailing list