Regenerate root CA list using updated format-pem.pl. Specifically this - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	sthen <>	2018-12-16 12:08:32 +0000
committer	sthen <>	2018-12-16 12:08:32 +0000
commit	59fc26dd77445f3e639280bc8f9bfa8d0ee0b95e (patch)
tree	3aed245f9274bb9eeea46b527e8d2ef7e3be2d9a /src/lib/libc/stdlib/strtoul.c
parent	b255b52554508839ccd09509ec5cde1b6bc9c123 (diff)
download	openbsd-59fc26dd77445f3e639280bc8f9bfa8d0ee0b95e.tar.gz openbsd-59fc26dd77445f3e639280bc8f9bfa8d0ee0b95e.tar.bz2 openbsd-59fc26dd77445f3e639280bc8f9bfa8d0ee0b95e.zip

Regenerate root CA list using updated format-pem.pl. Specifically this

drops CA certificates whose validity dates don't comply with the rules on ASN.1 encoding in RFC 5280 (and predecessors - same rule goes back to at least RFC 2459, section 4.1.2.5). LibreSSL strictly enforces this, so attempting to validate certificates signed by these CAs just result in the following: error 13 at 1 depth lookup:format error in certificate's notBefore field "probably" beck@

Diffstat (limited to 'src/lib/libc/stdlib/strtoul.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: