CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	Kyle Evans <kevans@FreeBSD.org>
	Sat, 26 Aug 2023 01:01:47 +0000 (20:01 -0500)
committer	Kyle Evans <kevans@FreeBSD.org>
	Mon, 11 Sep 2023 22:02:37 +0000 (17:02 -0500)
commit	25f07248916f0108bd62b3deb58e21bff880b391
tree	9f909d2cfe275ef72cb7082ac25d8a1dfc3b9ed3	tree \| snapshot
parent	3ff148ad9274a0433ac63582cbe50138517d8744	commit \| diff

caroot: update the root bundle and regenerate with OpenSSL 3

Summary:
- Six (6) new roots
- Four (4) distrusted roots

Note that this was intentionally generated with OpenSSL 1.1.1 to avoid
mixing updates and non-functional changes -- there will be some churn
with OpenSSL 3. The next commit will update the current batch of
trusted certs with the format OpenSSL 3 produces, which I've tested
against OpenSSL 1.1.1 to be sure that that doesn't hurt us in older
branches.

This MFC also regenerates all of the trusted certs with OpenSSL 3 to
reduce the diff of future ENs -- this update has no existing certs
modified, so it's the perfect time.

(cherry picked from commit 65fd80909e196c8be2ce5e948775e9cbda2ef069)
(cherry picked from commit 8ed0ecf8024d10e9cd21f5880723a6cec4fd4ae6)

192 files changed:

ObsoleteFiles.inc		diff \| blob \| history
secure/caroot/blacklisted/AddTrust_External_Root.pem		diff \| blob \| history
secure/caroot/blacklisted/AddTrust_Low-Value_Services_Root.pem		diff \| blob \| history
secure/caroot/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem		diff \| blob \| history
secure/caroot/blacklisted/Camerfirma_Global_Chambersign_Root.pem		diff \| blob \| history
secure/caroot/blacklisted/Certum_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/Chambers_of_Commerce_Root_-_2008.pem		diff \| blob \| history
secure/caroot/blacklisted/Cybertrust_Global_Root.pem		diff \| blob \| history
secure/caroot/blacklisted/D-TRUST_Root_CA_3_2013.pem		diff \| blob \| history
secure/caroot/blacklisted/DST_Root_CA_X3.pem		diff \| blob \| history
secure/caroot/blacklisted/E-Tugra_Certification_Authority.pem	[moved from secure/caroot/trusted/E-Tugra_Certification_Authority.pem with 75% similarity]	diff \| blob \| history
secure/caroot/blacklisted/E-Tugra_Global_Root_CA_ECC_v3.pem	[moved from secure/caroot/trusted/E-Tugra_Global_Root_CA_ECC_v3.pem with 86% similarity]	diff \| blob \| history
secure/caroot/blacklisted/E-Tugra_Global_Root_CA_RSA_v3.pem	[moved from secure/caroot/trusted/E-Tugra_Global_Root_CA_RSA_v3.pem with 75% similarity]	diff \| blob \| history
secure/caroot/blacklisted/EC-ACC.pem		diff \| blob \| history
secure/caroot/blacklisted/EE_Certification_Centre_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Global_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G2.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Primary_Certification_Authority_-_G3.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Universal_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/GeoTrust_Universal_CA_2.pem		diff \| blob \| history
secure/caroot/blacklisted/GlobalSign_Root_CA_-_R2.pem		diff \| blob \| history
secure/caroot/blacklisted/Global_Chambersign_Root_-_2008.pem		diff \| blob \| history
secure/caroot/blacklisted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem		diff \| blob \| history
secure/caroot/blacklisted/Hongkong_Post_Root_CA_1.pem	[moved from secure/caroot/trusted/Hongkong_Post_Root_CA_1.pem with 78% similarity]	diff \| blob \| history
secure/caroot/blacklisted/LuxTrust_Global_Root_2.pem		diff \| blob \| history
secure/caroot/blacklisted/Network_Solutions_Certificate_Authority.pem		diff \| blob \| history
secure/caroot/blacklisted/OISTE_WISeKey_Global_Root_GA_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/QuoVadis_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/Sonera_Class_2_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/Staat_der_Nederlanden_EV_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/Staat_der_Nederlanden_Root_CA_-_G2.pem		diff \| blob \| history
secure/caroot/blacklisted/Staat_der_Nederlanden_Root_CA_-_G3.pem		diff \| blob \| history
secure/caroot/blacklisted/SwissSign_Platinum_CA_-_G2.pem		diff \| blob \| history
secure/caroot/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G4.pem		diff \| blob \| history
secure/caroot/blacklisted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem		diff \| blob \| history
secure/caroot/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G4.pem		diff \| blob \| history
secure/caroot/blacklisted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem		diff \| blob \| history
secure/caroot/blacklisted/Taiwan_GRCA.pem		diff \| blob \| history
secure/caroot/blacklisted/TrustCor_ECA-1.pem		diff \| blob \| history
secure/caroot/blacklisted/TrustCor_RootCert_CA-1.pem		diff \| blob \| history
secure/caroot/blacklisted/TrustCor_RootCert_CA-2.pem		diff \| blob \| history
secure/caroot/blacklisted/Trustis_FPS_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem		diff \| blob \| history
secure/caroot/blacklisted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem		diff \| blob \| history
secure/caroot/blacklisted/VeriSign_Universal_Root_Certification_Authority.pem		diff \| blob \| history
secure/caroot/blacklisted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem		diff \| blob \| history
secure/caroot/blacklisted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem		diff \| blob \| history
secure/caroot/blacklisted/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem		diff \| blob \| history
secure/caroot/blacklisted/thawte_Primary_Root_CA.pem		diff \| blob \| history
secure/caroot/blacklisted/thawte_Primary_Root_CA_-_G2.pem		diff \| blob \| history
secure/caroot/blacklisted/thawte_Primary_Root_CA_-_G3.pem		diff \| blob \| history
secure/caroot/trusted/ACCVRAIZ1.pem		diff \| blob \| history
secure/caroot/trusted/AC_RAIZ_FNMT-RCM.pem		diff \| blob \| history
secure/caroot/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem		diff \| blob \| history
secure/caroot/trusted/ANF_Secure_Server_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/Actalis_Authentication_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/AffirmTrust_Commercial.pem		diff \| blob \| history
secure/caroot/trusted/AffirmTrust_Networking.pem		diff \| blob \| history
secure/caroot/trusted/AffirmTrust_Premium.pem		diff \| blob \| history
secure/caroot/trusted/AffirmTrust_Premium_ECC.pem		diff \| blob \| history
secure/caroot/trusted/Amazon_Root_CA_1.pem		diff \| blob \| history
secure/caroot/trusted/Amazon_Root_CA_2.pem		diff \| blob \| history
secure/caroot/trusted/Amazon_Root_CA_3.pem		diff \| blob \| history
secure/caroot/trusted/Amazon_Root_CA_4.pem		diff \| blob \| history
secure/caroot/trusted/Atos_TrustedRoot_2011.pem		diff \| blob \| history
secure/caroot/trusted/Atos_TrustedRoot_Root_CA_ECC_TLS_2021.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/Atos_TrustedRoot_Root_CA_RSA_TLS_2021.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem		diff \| blob \| history
secure/caroot/trusted/BJCA_Global_Root_CA1.pem		diff \| blob \| history
secure/caroot/trusted/BJCA_Global_Root_CA2.pem		diff \| blob \| history
secure/caroot/trusted/Baltimore_CyberTrust_Root.pem		diff \| blob \| history
secure/caroot/trusted/Buypass_Class_2_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/Buypass_Class_3_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/CA_Disig_Root_R2.pem		diff \| blob \| history
secure/caroot/trusted/CFCA_EV_ROOT.pem		diff \| blob \| history
secure/caroot/trusted/COMODO_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/COMODO_ECC_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/COMODO_RSA_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/Certainly_Root_E1.pem		diff \| blob \| history
secure/caroot/trusted/Certainly_Root_R1.pem		diff \| blob \| history
secure/caroot/trusted/Certigna.pem		diff \| blob \| history
secure/caroot/trusted/Certigna_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/Certum_EC-384_CA.pem		diff \| blob \| history
secure/caroot/trusted/Certum_Trusted_Network_CA.pem		diff \| blob \| history
secure/caroot/trusted/Certum_Trusted_Network_CA_2.pem		diff \| blob \| history
secure/caroot/trusted/Certum_Trusted_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/Comodo_AAA_Services_root.pem		diff \| blob \| history
secure/caroot/trusted/D-TRUST_BR_Root_CA_1_2020.pem		diff \| blob \| history
secure/caroot/trusted/D-TRUST_EV_Root_CA_1_2020.pem		diff \| blob \| history
secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem		diff \| blob \| history
secure/caroot/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Assured_ID_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Assured_ID_Root_G2.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Assured_ID_Root_G3.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Global_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Global_Root_G2.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Global_Root_G3.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_High_Assurance_EV_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_TLS_ECC_P384_Root_G5.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_TLS_RSA4096_Root_G5.pem		diff \| blob \| history
secure/caroot/trusted/DigiCert_Trusted_Root_G4.pem		diff \| blob \| history
secure/caroot/trusted/Entrust_Root_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/Entrust_Root_Certification_Authority_-_EC1.pem		diff \| blob \| history
secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/Entrust_Root_Certification_Authority_-_G4.pem		diff \| blob \| history
secure/caroot/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem		diff \| blob \| history
secure/caroot/trusted/GDCA_TrustAUTH_R5_ROOT.pem		diff \| blob \| history
secure/caroot/trusted/GLOBALTRUST_2020.pem		diff \| blob \| history
secure/caroot/trusted/GTS_Root_R1.pem		diff \| blob \| history
secure/caroot/trusted/GTS_Root_R2.pem		diff \| blob \| history
secure/caroot/trusted/GTS_Root_R3.pem		diff \| blob \| history
secure/caroot/trusted/GTS_Root_R4.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R4.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_ECC_Root_CA_-_R5.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_Root_CA_-_R3.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_Root_CA_-_R6.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_Root_E46.pem		diff \| blob \| history
secure/caroot/trusted/GlobalSign_Root_R46.pem		diff \| blob \| history
secure/caroot/trusted/Go_Daddy_Class_2_CA.pem		diff \| blob \| history
secure/caroot/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/HARICA_TLS_ECC_Root_CA_2021.pem		diff \| blob \| history
secure/caroot/trusted/HARICA_TLS_RSA_Root_CA_2021.pem		diff \| blob \| history
secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem		diff \| blob \| history
secure/caroot/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem		diff \| blob \| history
secure/caroot/trusted/HiPKI_Root_CA_-_G1.pem		diff \| blob \| history
secure/caroot/trusted/Hongkong_Post_Root_CA_3.pem		diff \| blob \| history
secure/caroot/trusted/ISRG_Root_X1.pem		diff \| blob \| history
secure/caroot/trusted/ISRG_Root_X2.pem		diff \| blob \| history
secure/caroot/trusted/IdenTrust_Commercial_Root_CA_1.pem		diff \| blob \| history
secure/caroot/trusted/IdenTrust_Public_Sector_Root_CA_1.pem		diff \| blob \| history
secure/caroot/trusted/Izenpe_com.pem		diff \| blob \| history
secure/caroot/trusted/Microsec_e-Szigno_Root_CA_2009.pem		diff \| blob \| history
secure/caroot/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem		diff \| blob \| history
secure/caroot/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem		diff \| blob \| history
secure/caroot/trusted/NAVER_Global_Root_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem		diff \| blob \| history
secure/caroot/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem		diff \| blob \| history
secure/caroot/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem		diff \| blob \| history
secure/caroot/trusted/QuoVadis_Root_CA_1_G3.pem		diff \| blob \| history
secure/caroot/trusted/QuoVadis_Root_CA_2.pem		diff \| blob \| history
secure/caroot/trusted/QuoVadis_Root_CA_2_G3.pem		diff \| blob \| history
secure/caroot/trusted/QuoVadis_Root_CA_3.pem		diff \| blob \| history
secure/caroot/trusted/QuoVadis_Root_CA_3_G3.pem		diff \| blob \| history
secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem		diff \| blob \| history
secure/caroot/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem		diff \| blob \| history
secure/caroot/trusted/SSL_com_Root_Certification_Authority_ECC.pem		diff \| blob \| history
secure/caroot/trusted/SSL_com_Root_Certification_Authority_RSA.pem		diff \| blob \| history
secure/caroot/trusted/SSL_com_TLS_ECC_Root_CA_2022.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/SSL_com_TLS_RSA_Root_CA_2022.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/SZAFIR_ROOT_CA2.pem		diff \| blob \| history
secure/caroot/trusted/Sectigo_Public_Server_Authentication_Root_E46.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/Sectigo_Public_Server_Authentication_Root_R46.pem	[new file with mode: 0644]	blob
secure/caroot/trusted/SecureSign_RootCA11.pem		diff \| blob \| history
secure/caroot/trusted/SecureTrust_CA.pem		diff \| blob \| history
secure/caroot/trusted/Secure_Global_CA.pem		diff \| blob \| history
secure/caroot/trusted/Security_Communication_ECC_RootCA1.pem		diff \| blob \| history
secure/caroot/trusted/Security_Communication_RootCA2.pem		diff \| blob \| history
secure/caroot/trusted/Security_Communication_RootCA3.pem		diff \| blob \| history
secure/caroot/trusted/Security_Communication_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/Starfield_Class_2_CA.pem		diff \| blob \| history
secure/caroot/trusted/Starfield_Root_Certificate_Authority_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/SwissSign_Gold_CA_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/SwissSign_Silver_CA_-_G2.pem		diff \| blob \| history
secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_2.pem		diff \| blob \| history
secure/caroot/trusted/T-TeleSec_GlobalRoot_Class_3.pem		diff \| blob \| history
secure/caroot/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem		diff \| blob \| history
secure/caroot/trusted/TWCA_Global_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/TWCA_Root_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/TeliaSonera_Root_CA_v1.pem		diff \| blob \| history
secure/caroot/trusted/Telia_Root_CA_v2.pem		diff \| blob \| history
secure/caroot/trusted/Trustwave_Global_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/TunTrust_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/UCA_Extended_Validation_Root.pem		diff \| blob \| history
secure/caroot/trusted/UCA_Global_G2_Root.pem		diff \| blob \| history
secure/caroot/trusted/USERTrust_ECC_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/USERTrust_RSA_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/XRamp_Global_CA_Root.pem		diff \| blob \| history
secure/caroot/trusted/certSIGN_ROOT_CA.pem		diff \| blob \| history
secure/caroot/trusted/certSIGN_Root_CA_G2.pem		diff \| blob \| history
secure/caroot/trusted/e-Szigno_Root_CA_2017.pem		diff \| blob \| history
secure/caroot/trusted/ePKI_Root_Certification_Authority.pem		diff \| blob \| history
secure/caroot/trusted/emSign_ECC_Root_CA_-_C3.pem		diff \| blob \| history
secure/caroot/trusted/emSign_ECC_Root_CA_-_G3.pem		diff \| blob \| history
secure/caroot/trusted/emSign_Root_CA_-_C1.pem		diff \| blob \| history
secure/caroot/trusted/emSign_Root_CA_-_G1.pem		diff \| blob \| history
secure/caroot/trusted/vTrus_ECC_Root_CA.pem		diff \| blob \| history
secure/caroot/trusted/vTrus_Root_CA.pem		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom