Retire the ca-roots ports, which expired long ago.
The port is deprecated since it is not supported by the FreeBSD Security Officer anymore. The reason for this is that the ca-roots port makes promises with regard to CA verification which the current Security Officer (and deputy) do not want to make. For people who need a general root certificate list see the security/ca_root_ns, but note that the difference in guarantees with regard to which CAs are included in ca_root_ns vs. ca-roots. The ca_root_ns port basically makes no guarantees other than that the certificates comes from the Mozilla project. Note that the ca-roots MOVED file entry on purpose does not point at ca_root_ns due to the change in CA guarantees. With hat: security-officer
This commit is contained in:
parent
a5e70d1ac8
commit
0cb1d7b8dc
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=215953
1
MOVED
1
MOVED
@ -3517,3 +3517,4 @@ security/barnyard-sguil6|security/barnyard-sguil|2008-06-22|Moved to security/ba
|
||||
java/bsh|lang/bsh|2008-06-22|Moved to lang/bsh
|
||||
www/mod_security2|www/mod_security21|2008-06-22|Moved to www/mod_security2.
|
||||
security/gnutls-devel||2008-06-23|Removed
|
||||
security/ca-roots||2008-06-29|No longer supported by FreeBSD Security Officer
|
||||
|
@ -50,7 +50,6 @@
|
||||
SUBDIR += bsp_upektfmess
|
||||
SUBDIR += bubblegum
|
||||
SUBDIR += bugs
|
||||
SUBDIR += ca-roots
|
||||
SUBDIR += ca_root_nss
|
||||
SUBDIR += calife
|
||||
SUBDIR += calife-devel
|
||||
|
@ -1,26 +0,0 @@
|
||||
# Ports collection makefile for: ca-roots
|
||||
# Date created: Sep 5, 2000
|
||||
# Whom: nsayer
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= ca-roots
|
||||
PORTVERSION= 1.2
|
||||
CATEGORIES= security
|
||||
DISTFILES= # none
|
||||
|
||||
MAINTAINER= secteam@FreeBSD.org
|
||||
COMMENT= A list of SSL CA root certificates
|
||||
|
||||
DEPRECATED= Not supported by FreeBSD Security Officer anymore
|
||||
EXPIRATION_DATE=2007-07-07
|
||||
|
||||
NO_BUILD= yes
|
||||
|
||||
do-install:
|
||||
${MKDIR} ${PREFIX}/share/certs
|
||||
${INSTALL_DATA} ${FILESDIR}/ca-root.crt ${PREFIX}/share/certs
|
||||
${LN} -sf ${PREFIX}/share/certs/ca-root.crt /etc/ssl/cert.pem
|
||||
|
||||
.include <bsd.port.mk>
|
File diff suppressed because it is too large
Load Diff
@ -1,11 +0,0 @@
|
||||
This port simply contains a list of SSL Certificate Authority root
|
||||
certificates. Such a list performs a similar role for SSL Certificate
|
||||
verfication that the root cache does for DNS servers.
|
||||
|
||||
This list originally came from mod_ssl (where it was ca-bundle.crt. They
|
||||
originally got their list from Netscape Communicator/Navigator),
|
||||
but will be maintained separately. The maintainer will apply strict
|
||||
criteria to suggestions for additions to this list (in concert with
|
||||
the FreeBSD security officer). CAs wishing to be added will need
|
||||
to assure the FreeBSD user community that their certification procedures
|
||||
are sufficiently secure to render their certificates trustworthy.
|
@ -1,5 +0,0 @@
|
||||
@exec mkdir -p %D/share/certs
|
||||
share/certs/ca-root.crt
|
||||
@exec ln -s %D/share/certs/ca-root.crt /etc/ssl/cert.pem
|
||||
@unexec [ -L /etc/ssl/cert.pem ] && rm -f /etc/ssl/cert.pem
|
||||
@unexec rmdir %D/share/certs
|
Loading…
Reference in New Issue
Block a user