Check-in [69efc196d7]
Overview
Comment:Added "Common Policy" root CA
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | piv
Files: files | file ages | folders
SHA1:69efc196d7c9f90be0e1eeaf780d6f9091df3773
User & Date: rkeene on 2013-01-15 19:15:38
Other Links: manifest | tags
Context
2013-01-15
21:00
Added additional debugging output check-in: b7f98935cd user: rkeene tags: piv
19:15
Added "Common Policy" root CA check-in: 69efc196d7 user: rkeene tags: piv
19:03
Removed extraneous CA check-in: acce3f42d5 user: rkeene tags: piv
Changes

Modified build/certs/federal/Makefile from [b3e9bfcd30] to [7088ba1ceb].

     1         -all: cert-1.crt CPCA_TRCA.crt
            1  +all: cert-1.crt CPCA_TRCA.crt CommonPolicy.crt
     2      2   	grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
     3      3   	grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt  | xargs grep -H 'Issuer:' | grep -v 'Issuer: C=us, O=U.S. Government, OU=FBCA, CN=Common Policy' | cut -f 1 -d : | xargs rm -f
     4      4   
     5      5   CPCA_TRCA.crt:
     6      6   	wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
     7      7   	mv "$@.new" "$@"
     8      8   
................................................................................
     9      9   caCertsIssuedTofcpca.p7c:
    10     10   	wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
    11     11   	mv "$@.new" "$@"
    12     12   
    13     13   root_sia.p7b:
    14     14   	wget -O "$@.new" --no-check-certificate https://pki.treas.gov/root_sia.p7b
    15     15   	mv "$@.new" "$@"
           16  +
           17  +CommonPolicy.crt:
           18  +	wget -O - http://fpkia.gsa.gov/CommonPolicy/CommonPolicy.crt | openssl x509 -inform der -text > "$@.new"
           19  +	mv "$@.new" "$@"
    16     20   
    17     21   cert-%.crt: root_sia.p7b caCertsIssuedTofcpca.p7c
    18     22   	idx=0; \
    19     23   	( \
    20     24   		openssl pkcs7 -in root_sia.p7b -inform DER -print_certs -text; \
    21     25   		openssl pkcs7 -in caCertsIssuedTofcpca.p7c -inform DER -print_certs -text; \
    22     26   	) | while IFS='' read -r line; do \
................................................................................
    27     31   		if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
    28     32   			idx=$$[$$idx + 1]; \
    29     33   		fi; \
    30     34   	done
    31     35   
    32     36   clean:
    33     37   	rm -f cert-*.crt
    34         -	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new
           38  +	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new CommonPolicy.crt.new
    35     39   
    36     40   distclean: clean
    37         -	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c
           41  +	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c CommonPolicy.crt

Modified cackey_builtin_certs.h from [afc4814f42] to [954ba4d224].

cannot compute difference between binary files