Check-in [1847ef7af2]
Overview
Comment:Updated to build a certificate chain to a root (atleast one) and also not have loops in chains
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | piv
Files: files | file ages | folders
SHA1: 1847ef7af2a89b56508468e20001dc19375aa791
User & Date: rkeene on 2013-01-15 18:44:50
Other Links: branch diff | manifest | tags
Context
2013-01-15
18:48
Updated built-in certs, and added script to rebuild built-in certs check-in: 2c8ab6e8d0 user: rkeene tags: piv
18:44
Updated to build a certificate chain to a root (atleast one) and also not have loops in chains check-in: 1847ef7af2 user: rkeene tags: piv
15:59
Updated to use BER-TLV decoding to extract responses rather than hard-coded offsets check-in: ab26dec401 user: rkeene tags: piv
Changes

Modified build/certs/federal/Makefile from [f3527cc8d2] to [cb6b7e3e05].

1


2
3
4
5
6
7
8
all: cert-1.crt CPCA_TRCA.crt



CPCA_TRCA.crt:
	wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
	mv "$@.new" "$@"

caCertsIssuedTofcpca.p7c:
	wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c

>
>







1
2
3
4
5
6
7
8
9
10
all: cert-1.crt CPCA_TRCA.crt
	grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
	grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -l 'Issuer: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' | xargs rm -f

CPCA_TRCA.crt:
	wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
	mv "$@.new" "$@"

caCertsIssuedTofcpca.p7c:
	wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
			continue; \
		fi; \
		echo "$${line}" >> "cert-$${idx}.crt"; \
		if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
			idx=$$[$$idx + 1]; \
		fi; \
	done
	grep -l 'Subject: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' cert-*.crt | xargs rm -f

clean:
	rm -f cert-*.crt
	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new

distclean: clean
	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c







<







24
25
26
27
28
29
30

31
32
33
34
35
36
37
			continue; \
		fi; \
		echo "$${line}" >> "cert-$${idx}.crt"; \
		if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
			idx=$$[$$idx + 1]; \
		fi; \
	done


clean:
	rm -f cert-*.crt
	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new

distclean: clean
	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c