Regenerate root CA list using updated format-pem.pl. Specifically this - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	sthen <>	2018-12-16 12:08:32 +0000
committer	sthen <>	2018-12-16 12:08:32 +0000
commit	0599cb3332122792b1eb29f7f3f541c967bea459 (patch)
tree	3aed245f9274bb9eeea46b527e8d2ef7e3be2d9a /src/regress/lib
parent	f0a158d5d8088db193cd639773ed40b1e6248be9 (diff)
download	openbsd-0599cb3332122792b1eb29f7f3f541c967bea459.tar.gz openbsd-0599cb3332122792b1eb29f7f3f541c967bea459.tar.bz2 openbsd-0599cb3332122792b1eb29f7f3f541c967bea459.zip

Regenerate root CA list using updated format-pem.pl. Specifically this

drops CA certificates whose validity dates don't comply with the rules on ASN.1 encoding in RFC 5280 (and predecessors - same rule goes back to at least RFC 2459, section 4.1.2.5). LibreSSL strictly enforces this, so attempting to validate certificates signed by these CAs just result in the following: error 13 at 1 depth lookup:format error in certificate's notBefore field "probably" beck@

Diffstat (limited to 'src/regress/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: