diff options
| author | Max Rees <maxcrees@me.com> | 2020-06-02 18:45:09 -0500 |
|---|---|---|
| committer | Max Rees <maxcrees@me.com> | 2020-06-02 19:00:38 -0500 |
| commit | a4c6115d9202e1d1ecdec25fa1a665fe8d857cc5 (patch) | |
| tree | 6c87a4fed4ce46a89b749db08e703a8d2701b094 | |
| parent | 11bdc29edb6e810e3ef29292e16ea70340881be2 (diff) | |
| download | ca-certificates-a4c6115d9202e1d1ecdec25fa1a665fe8d857cc5.tar.gz ca-certificates-a4c6115d9202e1d1ecdec25fa1a665fe8d857cc5.tar.bz2 ca-certificates-a4c6115d9202e1d1ecdec25fa1a665fe8d857cc5.tar.xz ca-certificates-a4c6115d9202e1d1ecdec25fa1a665fe8d857cc5.zip | |
blacklist: silence untrusted errors
When certdata2pem is run, it checks whether certificates are marked as
untrusted. If they are, it excludes them but emits a loud warning that
they were not explicitly blacklisted.
Silence this warning by explicitly blacklisting them.
| -rw-r--r-- | blacklist.txt | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/blacklist.txt b/blacklist.txt index 70ed0d5..88940c0 100644 --- a/blacklist.txt +++ b/blacklist.txt @@ -1,2 +1,14 @@ # One blacklist entry per line, corresponding to the label in certdata.txt. +# Blacklist explicitly distrusted certificates +# They were already to-be-excluded since they are distrusted, but this +# silences the loud warning they produce. +"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 1/3)" +"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 2/3)" +"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 3/3)" +"Explicitly Distrust DigiNotar Root CA" +"Explicitly Distrusted DigiNotar PKIoverheid G2" +"MITM subCA 1 issued by Trustwave" +"MITM subCA 2 issued by Trustwave" +"TURKTRUST Mis-issued Intermediate CA 1" +"TURKTRUST Mis-issued Intermediate CA 2" |