./security/ca-certificates, Root CA certificates from the Mozilla Project

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 20240203, Package name: ca-certificates-20240203, Maintainer: pkgsrc-users

This package contains the update-ca-certificates(8) tool maintained by
the Debian Project (in the ca-certificates package they distribute) to
manage the set of configured trust anchors for openssl.

The ca-certificates framework enables the sysadmin to configure the
certificates to install, using multiple sources of CA certificates, for
example to include local CAs. See update-ca-certificates(8) for details.

This package also contains the certificate authorities shipped with
Mozilla's browser to allow SSL-based applications to check for the
authenticity of SSL connections.

Please note that Debian, NetBSD, and pkgsrc can neither confirm nor deny
whether the certificate authorities whose certificates are included in
this package have in any way been audited for trustworthiness or RFC
3647 compliance. Full responsibility to assess them belongs to the
local system administrator.

See also the mozilla-rootcerts and mozilla-rootcerts-openssl packages
for alternative approaches to installing CA certificates.


Required to run:
[security/openssl]

Required to build:
[pkgtools/cwrappers] [lang/python37]

Master sites:

Filesize: 257.105 KB

Version history: (Expand)


CVS history: (Expand)


   2024-03-22 06:37:44 by Kimmo Suominen | Files touched by this commit (3) | Package updated
Log message:
ca-certificates: Update to 20240203

ca-certificates (20240203) unstable; urgency=medium

  [ Jeffrey Walton ]
  * update-ca-certificates man page updates
  * fix shellcheck warnings (closes: #1058658, #981663)

  [ Gioele Barabucci ]
  * Use standard dh sequence (closes: #1050112)

  [ Julien Cristau ]
  * Update Mozilla certificate authority bundle to version 2.64
    The following certificate authorities were added (+):
    + Atos TrustedRoot Root CA ECC TLS 2021
    + Atos TrustedRoot Root CA RSA TLS 2021
    + BJCA Global Root CA1
    + BJCA Global Root CA2
    + CommScope Public Trust ECC Root-01
    + CommScope Public Trust ECC Root-02
    + CommScope Public Trust RSA Root-01
    + CommScope Public Trust RSA Root-02
    + Sectigo Public Server Authentication Root E46
    + Sectigo Public Server Authentication Root R46
    + SSL.com TLS ECC Root CA 2022
    + SSL.com TLS RSA Root CA 2022
    + TrustAsia Global Root CA G3
    + TrustAsia Global Root CA G4
    The following certificate authorities were removed (-):
    - Autoridad de Certificacion Firmaprofesional CIF A62634068
    - E-Tugra Certification Authority (closes: #1032916)
    - E-Tugra Global Root CA ECC v3
    - E-Tugra Global Root CA RSA v3
    - Hongkong Post Root CA 1
    - TrustCor ECA-1
    - TrustCor RootCert CA-1
    - TrustCor RootCert CA-2 (closes: #1023945)

 -- Julien Cristau <jcristau@debian.org>  Sun, 04 Feb 2024 10:41:43 +0100
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-07-05 20:13:22 by Kimmo Suominen | Files touched by this commit (3)
Log message:
ca-certificates: Fix previously improved relocatability
   2023-07-05 19:30:24 by Kimmo Suominen | Files touched by this commit (4)
Log message:
ca-certificates: Be more relocatable
   2023-05-21 18:33:50 by Kimmo Suominen | Files touched by this commit (5)
Log message:
ca-certificates: Update to 20230311

ca-certificates (20230311) unstable; urgency=medium

  [ Đoàn Trần Công Danh ]
  * ca-certificates: compat with non-GNU mktemp (closes: #1000847)

  [ Ilya Lipnitskiy ]
  * certdata2pem.py: use UTC time when checking cert validity

  [ Julien Cristau ]
  * Update Mozilla certificate authority bundle to version 2.60
    The following certificate authorities were added (+):
    + "Autoridad de Certificacion Firmaprofesional CIF A62634068"
    + "Certainly Root E1"
    + "Certainly Root R1"
    + "D-TRUST BR Root CA 1 2020"
    + "D-TRUST EV Root CA 1 2020"
    + "DigiCert TLS ECC P384 Root G5"
    + "DigiCert TLS RSA4096 Root G5"
    + "E-Tugra Global Root CA ECC v3"
    + "E-Tugra Global Root CA RSA v3"
    + "HARICA TLS ECC Root CA 2021"
    + "HARICA TLS RSA Root CA 2021"
    + "HiPKI Root CA - G1"
    + "ISRG Root X2"
    + "Security Communication ECC RootCA1"
    + "Security Communication RootCA3"
    + "Telia Root CA v2"
    + "TunTrust Root CA"
    + "vTrus ECC Root CA"
    + "vTrus Root CA"
    The following certificate authorities were removed (-):
    - "Cybertrust Global Root" (expired)
    - "EC-ACC"
    - "GlobalSign Root CA - R2" (expired)
    - "Hellenic Academic and Research Institutions RootCA 2011"
    - "Network Solutions Certificate Authority"
    - "Staat der Nederlanden EV Root CA" (expired)
  * Drop trailing space from debconf template causing misformatting
    (closes: #980821)

  [ Wataru Ashihara ]
  * Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244)

 -- Julien Cristau <jcristau@debian.org>  Sat, 11 Mar 2023 09:47:05 +0100
   2022-10-19 15:56:34 by Nia Alarie | Files touched by this commit (26)
Log message:
fighting a losing battle against py-cryptography rustification, part 2

Switch users to versioned_dependencies.mk.
   2022-07-17 04:58:32 by Tobias Nygren | Files touched by this commit (3)
Log message:
ca-certificates: try to mend py-cryptography fallout
   2022-07-09 11:38:57 by Thomas Klausner | Files touched by this commit (1)
Log message:
ca-certificates: this does not support python 2