blob: 4ee0b9e48e78d0b2fe087b3e4c29c44c6aaf16b8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
===========================================================================
$NetBSD: MESSAGE,v 1.5 2014/08/10 10:47:42 wiz Exp $
Execute this command to extract and rehash all CA root certificates
distributed by the Mozilla Project, so that they can be used by third
party applications using OpenSSL. It also creates a single file
certificate bundle in PEM format which can be used by applications using
GnuTLS.
# mozilla-rootcerts install
To mark these certificates as trusted for users of gnupg2, do
the following (assuming default PKG_SYSCONFBASE and a Bourne shell):
# mkdir -p /usr/pkg/etc/gnupg
# cd /usr/pkg/etc/gnupg
# for c in /etc/openssl/certs/*.pem; do
> openssl x509 -in $c -noout -fingerprint|sed 's|^.*=\(.*\)|\1 S|'
> done > trustlist.txt
===========================================================================
|
