[Bug 229329] java/openjdk8: allow user to trust extra local certificates

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Jun 26 09:22:43 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229329

--- Comment #5 from Michael Osipov <1983-01-06 at gmx.net> ---
(In reply to Palle Girgensohn from comment #4)

Switching to security/ca_root_nss would solve my problem if and only if bug
160387 would be resolved. It would make cert usage on the system consistent
across implementations within a company.

What I did for the moment is

> $ svn diff /usr/ports/security/ca_root_nss/
> Index: /usr/ports/security/ca_root_nss/Makefile
> ===================================================================
> --- /usr/ports/security/ca_root_nss/Makefile    (Revision 473303)
> +++ /usr/ports/security/ca_root_nss/Makefile    (Arbeitskopie)
> @@ -54,6 +54,7 @@
>                 ${PERL} ${WRKDIR}/${BUNDLE_PROCESSOR} \
>             < ${WRKDIR}/certdata.txt > \
>             ${WRKDIR}/ca-root-nss.crt
> +       @${CAT} ${FILESDIR}/siemens_ca_certificates.pem >> ${WRKDIR}/ca-root-nss.crt
> 
>  do-install:
>         ${MKDIR} ${STAGEDIR}${PREFIX}/${CERTDIR}


Ignoring cert errors is absolutely not an option.

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-java mailing list