Overview
| Comment: | Updated to build a certificate chain to a root (atleast one) and also not have loops in chains |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | piv |
| Files: | files | file ages | folders |
| SHA1: |
1847ef7af2a89b56508468e20001dc19 |
| User & Date: | rkeene on 2013-01-15 18:44:50 |
| Other Links: | branch diff | manifest | tags |
Context
|
2013-01-15
| ||
| 18:48 | Updated built-in certs, and added script to rebuild built-in certs check-in: 2c8ab6e8d0 user: rkeene tags: piv | |
| 18:44 | Updated to build a certificate chain to a root (atleast one) and also not have loops in chains check-in: 1847ef7af2 user: rkeene tags: piv | |
| 15:59 | Updated to use BER-TLV decoding to extract responses rather than hard-coded offsets check-in: ab26dec401 user: rkeene tags: piv | |
Changes
Modified build/certs/federal/Makefile from [f3527cc8d2] to [cb6b7e3e05].
1 2 3 4 5 6 7 8 | all: cert-1.crt CPCA_TRCA.crt CPCA_TRCA.crt: wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new" mv "$@.new" "$@" caCertsIssuedTofcpca.p7c: wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c | > > | 1 2 3 4 5 6 7 8 9 10 | all: cert-1.crt CPCA_TRCA.crt grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -l 'Issuer: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' | xargs rm -f CPCA_TRCA.crt: wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new" mv "$@.new" "$@" caCertsIssuedTofcpca.p7c: wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c |
| ︙ | ︙ | |||
22 23 24 25 26 27 28 |
continue; \
fi; \
echo "$${line}" >> "cert-$${idx}.crt"; \
if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
idx=$$[$$idx + 1]; \
fi; \
done
| < | 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
continue; \
fi; \
echo "$${line}" >> "cert-$${idx}.crt"; \
if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
idx=$$[$$idx + 1]; \
fi; \
done
clean:
rm -f cert-*.crt
rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new
distclean: clean
rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c
|