ca-certificates: Update root CA certificates bundle
Commit Message
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
config/ca-certificates/certdata.txt | 124 ++++++++++++++++++++++++++++
lfs/ca-certificates | 2 +-
2 files changed, 125 insertions(+), 1 deletion(-)
Comments
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
> On 10 Jun 2024, at 11:24, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/ca-certificates/certdata.txt | 124 ++++++++++++++++++++++++++++
> lfs/ca-certificates | 2 +-
> 2 files changed, 125 insertions(+), 1 deletion(-)
>
> diff --git a/config/ca-certificates/certdata.txt b/config/ca-certificates/certdata.txt
> index ed5e6cb17..ea914d409 100644
> --- a/config/ca-certificates/certdata.txt
> +++ b/config/ca-certificates/certdata.txt
> @@ -25359,3 +25359,127 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
> CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
> CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
> CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
> +
> +#
> +# Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
> +#
> +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
> +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d
> +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
> +# Not Valid Before: Wed Apr 06 09:01:36 2022
> +# Not Valid After : Sun Mar 31 09:01:36 2047
> +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A
> +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5
> +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
> +CKA_TOKEN CK_BBOOL CK_TRUE
> +CKA_PRIVATE CK_BBOOL CK_FALSE
> +CKA_MODIFIABLE CK_BBOOL CK_FALSE
> +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB"
> +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
> +CKA_SUBJECT MULTILINE_OCTAL
> +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
> +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
> +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
> +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
> +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
> +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
> +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
> +END
> +CKA_ID UTF8 "0"
> +CKA_ISSUER MULTILINE_OCTAL
> +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
> +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
> +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
> +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
> +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
> +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
> +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
> +END
> +CKA_SERIAL_NUMBER MULTILINE_OCTAL
> +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126
> +\114\155
> +END
> +CKA_VALUE MULTILINE_OCTAL
> +\060\202\002\172\060\202\002\000\240\003\002\001\002\002\020\061
> +\227\041\355\257\211\102\177\065\101\207\241\147\126\114\155\060
> +\012\006\010\052\206\110\316\075\004\003\003\060\156\061\013\060
> +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003
> +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163
> +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004
> +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060
> +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122
> +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101
> +\040\122\117\117\124\055\101\040\127\105\102\060\036\027\015\062
> +\062\060\064\060\066\060\071\060\061\063\066\132\027\015\064\067
> +\060\063\063\061\060\071\060\061\063\066\132\060\156\061\013\060
> +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003
> +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163
> +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004
> +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060
> +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122
> +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101
> +\040\122\117\117\124\055\101\040\127\105\102\060\166\060\020\006
> +\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003
> +\142\000\004\107\123\352\054\021\244\167\307\052\352\363\326\137
> +\173\323\004\221\134\372\210\306\042\271\203\020\142\167\204\063
> +\055\351\003\210\324\340\063\367\355\167\054\112\140\352\344\157
> +\255\155\264\370\114\212\244\344\037\312\352\117\070\112\056\202
> +\163\053\307\146\233\012\214\100\234\174\212\366\362\071\140\262
> +\336\313\354\270\344\157\352\233\135\267\123\220\030\062\125\305
> +\040\267\224\243\143\060\141\060\017\006\003\125\035\023\001\001
> +\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004
> +\030\060\026\200\024\223\341\103\143\134\074\235\326\047\363\122
> +\354\027\262\251\257\054\367\166\370\060\035\006\003\125\035\016
> +\004\026\004\024\223\341\103\143\134\074\235\326\047\363\122\354
> +\027\262\251\257\054\367\166\370\060\016\006\003\125\035\017\001
> +\001\377\004\004\003\002\001\006\060\012\006\010\052\206\110\316
> +\075\004\003\003\003\150\000\060\145\002\060\035\174\244\173\303
> +\211\165\063\341\073\251\105\277\106\351\351\241\335\311\042\026
> +\267\107\021\013\330\232\272\361\310\013\160\120\123\002\221\160
> +\205\131\251\036\244\346\352\043\061\240\000\002\061\000\375\342
> +\370\263\257\026\271\036\163\304\226\343\301\060\031\330\176\346
> +\303\227\336\034\117\270\211\057\063\353\110\017\031\367\207\106
> +\135\046\220\245\205\305\271\172\224\076\207\250\275\000
> +END
> +CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
> +CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE
> +CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE
> +
> +# Trust for "FIRMAPROFESIONAL CA ROOT-A WEB"
> +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
> +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d
> +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
> +# Not Valid Before: Wed Apr 06 09:01:36 2022
> +# Not Valid After : Sun Mar 31 09:01:36 2047
> +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A
> +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5
> +CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
> +CKA_TOKEN CK_BBOOL CK_TRUE
> +CKA_PRIVATE CK_BBOOL CK_FALSE
> +CKA_MODIFIABLE CK_BBOOL CK_FALSE
> +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB"
> +CKA_CERT_SHA1_HASH MULTILINE_OCTAL
> +\250\061\021\164\246\024\025\015\312\167\335\016\344\014\135\130
> +\374\240\162\245
> +END
> +CKA_CERT_MD5_HASH MULTILINE_OCTAL
> +\202\262\255\105\000\202\260\146\143\370\137\303\147\116\316\243
> +END
> +CKA_ISSUER MULTILINE_OCTAL
> +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
> +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
> +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
> +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
> +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
> +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
> +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
> +END
> +CKA_SERIAL_NUMBER MULTILINE_OCTAL
> +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126
> +\114\155
> +END
> +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
> +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
> +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
> +CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
> +
> diff --git a/lfs/ca-certificates b/lfs/ca-certificates
> index 5fe5ca550..6c603340a 100644
> --- a/lfs/ca-certificates
> +++ b/lfs/ca-certificates
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 20240217
> +VER = 20240610
>
> # From https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
>
> --
> 2.35.3
@@ -25359,3 +25359,127 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
+#
+# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
+# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d
+# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
+# Not Valid Before: Wed Apr 06 09:01:36 2022
+# Not Valid After : Sun Mar 31 09:01:36 2047
+# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A
+# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
+\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
+\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
+\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
+\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
+\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
+\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
+\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
+\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
+\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
+\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126
+\114\155
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\002\172\060\202\002\000\240\003\002\001\002\002\020\061
+\227\041\355\257\211\102\177\065\101\207\241\147\126\114\155\060
+\012\006\010\052\206\110\316\075\004\003\003\060\156\061\013\060
+\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003
+\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163
+\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004
+\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060
+\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122
+\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101
+\040\122\117\117\124\055\101\040\127\105\102\060\036\027\015\062
+\062\060\064\060\066\060\071\060\061\063\066\132\027\015\064\067
+\060\063\063\061\060\071\060\061\063\066\132\060\156\061\013\060
+\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003
+\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163
+\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004
+\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060
+\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122
+\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101
+\040\122\117\117\124\055\101\040\127\105\102\060\166\060\020\006
+\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003
+\142\000\004\107\123\352\054\021\244\167\307\052\352\363\326\137
+\173\323\004\221\134\372\210\306\042\271\203\020\142\167\204\063
+\055\351\003\210\324\340\063\367\355\167\054\112\140\352\344\157
+\255\155\264\370\114\212\244\344\037\312\352\117\070\112\056\202
+\163\053\307\146\233\012\214\100\234\174\212\366\362\071\140\262
+\336\313\354\270\344\157\352\233\135\267\123\220\030\062\125\305
+\040\267\224\243\143\060\141\060\017\006\003\125\035\023\001\001
+\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004
+\030\060\026\200\024\223\341\103\143\134\074\235\326\047\363\122
+\354\027\262\251\257\054\367\166\370\060\035\006\003\125\035\016
+\004\026\004\024\223\341\103\143\134\074\235\326\047\363\122\354
+\027\262\251\257\054\367\166\370\060\016\006\003\125\035\017\001
+\001\377\004\004\003\002\001\006\060\012\006\010\052\206\110\316
+\075\004\003\003\003\150\000\060\145\002\060\035\174\244\173\303
+\211\165\063\341\073\251\105\277\106\351\351\241\335\311\042\026
+\267\107\021\013\330\232\272\361\310\013\160\120\123\002\221\160
+\205\131\251\036\244\346\352\043\061\240\000\002\061\000\375\342
+\370\263\257\026\271\036\163\304\226\343\301\060\031\330\176\346
+\303\227\336\034\117\270\211\057\063\353\110\017\031\367\207\106
+\135\046\220\245\205\305\271\172\224\076\207\250\275\000
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE
+CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE
+
+# Trust for "FIRMAPROFESIONAL CA ROOT-A WEB"
+# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
+# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d
+# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES
+# Not Valid Before: Wed Apr 06 09:01:36 2022
+# Not Valid After : Sun Mar 31 09:01:36 2047
+# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A
+# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\250\061\021\164\246\024\025\015\312\167\335\016\344\014\135\130
+\374\240\162\245
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\202\262\255\105\000\202\260\146\143\370\137\303\147\116\316\243
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061
+\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160
+\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060
+\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066
+\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003
+\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116
+\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126
+\114\155
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
@@ -24,7 +24,7 @@
include Config
-VER = 20240217
+VER = 20240610
# From https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt