mirror of
https://git.launchpad.net/ubuntu/+source/ca-certificates
synced 2025-04-13 09:38:26 +00:00
|
|
||
|---|---|---|
| .. | ||
| po | ||
| changelog | ||
| config | ||
| config.in | ||
| control | ||
| copyright | ||
| dirs | ||
| docs | ||
| NEWS | ||
| oldpemfiles | ||
| postinst | ||
| postrm | ||
| README.Debian | ||
| rules | ||
| templates | ||
The Debian Package ca-certificates
----------------------------------
Common CA certificates PEM files, installed in /usr/share/ca-certificates/
It includes the following certificates:
- spi-inc.org certificate
- db.debian.org certificate
- Mozilla builtin CA certificates
- brasil.gov.br certificate
- cacert.org certificate
configuration file:
/etc/ca-certificates.conf
- managed by debconf
# dpkg-reconfigure ca-certificates
update-ca-certificates will update /etc/ssl/certs
make hash symlinks
generate ca-certificates.crt (single-file version)
/etc/ssl/certs/ca-certificates.crt may be used by the web browsers
in Debian, such as w3m, when deciding what secure web sites to trust.
For w3m package, it has ssl_ca_path configuration in /etc/w3m/w3mconfig,
so it works without any configuration. You can specify
/etc/ssl/certs/ca-certificates.crt for ssl_ca_file instead.
How certificate will be accepted in ca-certificates package
-----------------------------------------------------------
- submit *GPG signed* bug report to ca-certificate with severity normal.
the bug report should include
- description of the CA
- how to obtain CA cert pem or paste it in the bug report
- license of the CA certificate
- fingerprint and/or hash value of the cert
- get 2 or 3 recommendation ("seconded" mail) from other people to
the bug report, GPG signed.
I won't accept if the CA is requested by only one people.
-- Fumitoshi UKAI <ukai@debian.or.jp>, Thu, 17 Aug 2006 13:27:55 +0900