From patchwork Mon Jun 10 10:24:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 7855 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4VySbm6YW6z3wxG for ; Mon, 10 Jun 2024 10:24:52 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4VySbj3x43z12F; Mon, 10 Jun 2024 10:24:49 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4VySbj2bLDz332l; Mon, 10 Jun 2024 10:24:49 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4VySbd6k14z2xrs for ; Mon, 10 Jun 2024 10:24:45 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4VySbb6Cx6zcS for ; Mon, 10 Jun 2024 10:24:43 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1718015084; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1tSj4U7pfgUsOweIYMKAF/bKziPIcOqA3f2eG0F+/ZQ=; b=R6Svulmr8EWhPmss5lCkE9Lm2yeUVPDiEH24kO1YwJHWhQOw2A2TwtK0woQ1BhVOGMHGNl yl1eabD2W23s7CDQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1718015084; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1tSj4U7pfgUsOweIYMKAF/bKziPIcOqA3f2eG0F+/ZQ=; b=md/A7hjTZfDAg//AbKJs+he7FpAVUNT2u2h3STDkl5h4Uqj/IdWusUh88CpRjUbCbW+6Zb hZyoGcHjsr5gEGoZjHN2O0ISh+niPVfM1bvdbX2M+kFk2iQ7xjBrUbrs0UDan9OQhOi4ZS 5j7Yr8+H3qfQXvOaLF+9457gI6mECZte5EvoonOB5k8yirRCUtkxmRH+VtOeCXMfht57co hKualbwWrmXrvgMLFoclw/c/0+hgJF4A5pveaysfIKAKmQgravQkgYSle9usl0kct6z8DF usdwsn37H3WSDD1Uydm1SWWuqgqHRi7OiV6DCAwRZl4GOLIjMxhvDnuTDpZ05g== Message-ID: <0ece4d80-bdfb-4d8d-92f6-4706e955b58d@ipfire.org> Date: Mon, 10 Jun 2024 10:24:00 +0000 MIME-Version: 1.0 To: "IPFire: Development" From: =?utf-8?q?Peter_M=C3=BCller?= Subject: [PATCH] ca-certificates: Update root CA certificates bundle Message-ID-Hash: OCXZARS2TVGV62ADBFJSTZJC3ZTZT4DT X-Message-ID-Hash: OCXZARS2TVGV62ADBFJSTZJC3ZTZT4DT X-MailFrom: peter.mueller@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Signed-off-by: Peter Müller Reviewed-by: Michael Tremer --- config/ca-certificates/certdata.txt | 124 ++++++++++++++++++++++++++++ lfs/ca-certificates | 2 +- 2 files changed, 125 insertions(+), 1 deletion(-) diff --git a/config/ca-certificates/certdata.txt b/config/ca-certificates/certdata.txt index ed5e6cb17..ea914d409 100644 --- a/config/ca-certificates/certdata.txt +++ b/config/ca-certificates/certdata.txt @@ -25359,3 +25359,127 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE + +# +# Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" +# +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Not Valid Before: Wed Apr 06 09:01:36 2022 +# Not Valid After : Sun Mar 31 09:01:36 2047 +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5 +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126 +\114\155 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\002\172\060\202\002\000\240\003\002\001\002\002\020\061 +\227\041\355\257\211\102\177\065\101\207\241\147\126\114\155\060 +\012\006\010\052\206\110\316\075\004\003\003\060\156\061\013\060 +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003 +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163 +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004 +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060 +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122 +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101 +\040\122\117\117\124\055\101\040\127\105\102\060\036\027\015\062 +\062\060\064\060\066\060\071\060\061\063\066\132\027\015\064\067 +\060\063\063\061\060\071\060\061\063\066\132\060\156\061\013\060 +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003 +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163 +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004 +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060 +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122 +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101 +\040\122\117\117\124\055\101\040\127\105\102\060\166\060\020\006 +\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003 +\142\000\004\107\123\352\054\021\244\167\307\052\352\363\326\137 +\173\323\004\221\134\372\210\306\042\271\203\020\142\167\204\063 +\055\351\003\210\324\340\063\367\355\167\054\112\140\352\344\157 +\255\155\264\370\114\212\244\344\037\312\352\117\070\112\056\202 +\163\053\307\146\233\012\214\100\234\174\212\366\362\071\140\262 +\336\313\354\270\344\157\352\233\135\267\123\220\030\062\125\305 +\040\267\224\243\143\060\141\060\017\006\003\125\035\023\001\001 +\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004 +\030\060\026\200\024\223\341\103\143\134\074\235\326\047\363\122 +\354\027\262\251\257\054\367\166\370\060\035\006\003\125\035\016 +\004\026\004\024\223\341\103\143\134\074\235\326\047\363\122\354 +\027\262\251\257\054\367\166\370\060\016\006\003\125\035\017\001 +\001\377\004\004\003\002\001\006\060\012\006\010\052\206\110\316 +\075\004\003\003\003\150\000\060\145\002\060\035\174\244\173\303 +\211\165\063\341\073\251\105\277\106\351\351\241\335\311\042\026 +\267\107\021\013\330\232\272\361\310\013\160\120\123\002\221\160 +\205\131\251\036\244\346\352\043\061\240\000\002\061\000\375\342 +\370\263\257\026\271\036\163\304\226\343\301\060\031\330\176\346 +\303\227\336\034\117\270\211\057\063\353\110\017\031\367\207\106 +\135\046\220\245\205\305\271\172\224\076\207\250\275\000 +END +CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE +CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE + +# Trust for "FIRMAPROFESIONAL CA ROOT-A WEB" +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Not Valid Before: Wed Apr 06 09:01:36 2022 +# Not Valid After : Sun Mar 31 09:01:36 2047 +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5 +CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\250\061\021\164\246\024\025\015\312\167\335\016\344\014\135\130 +\374\240\162\245 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\202\262\255\105\000\202\260\146\143\370\137\303\147\116\316\243 +END +CKA_ISSUER MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126 +\114\155 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST +CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE + diff --git a/lfs/ca-certificates b/lfs/ca-certificates index 5fe5ca550..6c603340a 100644 --- a/lfs/ca-certificates +++ b/lfs/ca-certificates @@ -24,7 +24,7 @@ include Config -VER = 20240217 +VER = 20240610 # From https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt