1# 2# CDDL HEADER START 3# 4# The contents of this file are subject to the terms of the 5# Common Development and Distribution License (the "License"). 6# You may not use this file except in compliance with the License. 7# 8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9# or http://www.opensolaris.org/os/licensing. 10# See the License for the specific language governing permissions 11# and limitations under the License. 12# 13# When distributing Covered Code, include this CDDL HEADER in each 14# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15# If applicable, add the following below this CDDL HEADER, with the 16# fields enclosed by brackets "[]" replaced with your own identifying 17# information: Portions Copyright [yyyy] [name of copyright owner] 18# 19# CDDL HEADER END 20# 21# 22# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 23# 24 25# 26# These CA certs are extracted from the NSS database libnssckbi.so. 27# Each CA cert is pointed by a symbolic link. The name of the 28# symbolic link file is determined by the "hash" value using 29# openssl command. When the NSS database is updated, we will extract 30# the CA certs out of it and deliver the new set of CA certs. 31# 32 33CASRCDIR = CA-certs 34OPENSSL = /usr/bin/openssl 35 36CAFILES = ABAecom_sub.,_Am._Bankers_Assn._Root_CA.pem \ 37 AddTrust_External_Root.pem \ 38 AddTrust_Low-Value_Services_Root.pem \ 39 AddTrust_Public_Services_Root.pem \ 40 AddTrust_Qualified_Certificates_Root.pem \ 41 America_Online_Root_Certification_Authority_1.pem \ 42 America_Online_Root_Certification_Authority_2.pem \ 43 AOL_Time_Warner_Root_Certification_Authority_1.pem \ 44 AOL_Time_Warner_Root_Certification_Authority_2.pem \ 45 Baltimore_CyberTrust_Root.pem \ 46 beTRUSTed_Root_CA-Baltimore_Implementation.pem \ 47 beTRUSTed_Root_CA_-_Entrust_Implementation.pem \ 48 beTRUSTed_Root_CA.pem \ 49 beTRUSTed_Root_CA_-_RSA_Implementation.pem \ 50 Camerfirma_Chambers_of_Commerce_Root.pem \ 51 Camerfirma_Global_Chambersign_Root.pem \ 52 Certigna.pem \ 53 Certplus_Class_2_Primary_CA.pem \ 54 Certum_Root_CA.pem \ 55 Comodo_AAA_Services_root.pem \ 56 COMODO_Certification_Authority.pem \ 57 COMODO_ECC_Certification_Authority.pem \ 58 Comodo_Secure_Services_root.pem \ 59 Comodo_Trusted_Services_root.pem \ 60 ComSign_CA.pem \ 61 ComSign_Secured_CA.pem \ 62 Cybertrust_Global_Root.pem \ 63 Deutsche_Telekom_Root_CA_2.pem \ 64 DigiCert_Assured_ID_Root_CA.pem \ 65 DigiCert_Global_Root_CA.pem \ 66 DigiCert_High_Assurance_EV_Root_CA.pem \ 67 DigiNotar_Root_CA.pem \ 68 Digital_Signature_Trust_Co._Global_CA_1.pem \ 69 Digital_Signature_Trust_Co._Global_CA_2.pem \ 70 Digital_Signature_Trust_Co._Global_CA_3.pem \ 71 Digital_Signature_Trust_Co._Global_CA_4.pem \ 72 DST_ACES_CA_X6.pem \ 73 DST_Root_CA_X3.pem \ 74 Entrust.net_Global_Secure_Personal_CA.pem \ 75 Entrust.net_Global_Secure_Server_CA.pem \ 76 Entrust.net_Premium_2048_Secure_Server_CA.pem \ 77 Entrust.net_Secure_Personal_CA.pem \ 78 Entrust.net_Secure_Server_CA.pem \ 79 Entrust_Root_Certification_Authority.pem \ 80 ePKI_Root_Certification_Authority.pem \ 81 Equifax_Secure_CA.pem \ 82 Equifax_Secure_eBusiness_CA_1.pem \ 83 Equifax_Secure_eBusiness_CA_2.pem \ 84 Equifax_Secure_Global_eBusiness_CA.pem \ 85 Firmaprofesional_Root_CA.pem \ 86 GeoTrust_Global_CA_2.pem \ 87 GeoTrust_Global_CA.pem \ 88 GeoTrust_Primary_Certification_Authority.pem \ 89 GeoTrust_Universal_CA_2.pem \ 90 GeoTrust_Universal_CA.pem \ 91 GlobalSign_Root_CA.pem \ 92 GlobalSign_Root_CA_-_R2.pem \ 93 Go_Daddy_Class_2_CA.pem \ 94 GTE_CyberTrust_Global_Root.pem \ 95 GTE_CyberTrust_Root_CA.pem \ 96 IGC_A.pem \ 97 IPS_Chained_CAs_root.pem \ 98 IPS_CLASE1_root.pem \ 99 IPS_CLASE3_root.pem \ 100 IPS_CLASEA1_root.pem \ 101 IPS_CLASEA3_root.pem \ 102 IPS_Servidores_root.pem \ 103 IPS_Timestamping_root.pem \ 104 MD5_Collisions_Forged_Rogue_CA_25c3.pem \ 105 Microsec_e-Szigno_Root_CA.pem \ 106 NetLock_Business_Class_B_Root.pem \ 107 NetLock_Express_Class_C_Root.pem \ 108 NetLock_Notary_Class_A_Root.pem \ 109 NetLock_Qualified_Class_QA_Root.pem \ 110 Network_Solutions_Certificate_Authority.pem \ 111 OISTE_WISeKey_Global_Root_GA_CA.pem \ 112 QuoVadis_Root_CA_2.pem \ 113 QuoVadis_Root_CA_3.pem \ 114 QuoVadis_Root_CA.pem \ 115 RSA_Root_Certificate_1.pem \ 116 RSA_Security_1024_v3.pem \ 117 RSA_Security_2048_v3.pem \ 118 Secure_Global_CA.pem \ 119 SecureTrust_CA.pem \ 120 Security_Communication_EV_RootCA1.pem \ 121 Security_Communication_Root_CA.pem \ 122 Sonera_Class_1_Root_CA.pem \ 123 Sonera_Class_2_Root_CA.pem \ 124 Staat_der_Nederlanden_Root_CA.pem \ 125 Starfield_Class_2_CA.pem \ 126 StartCom_Certification_Authority.pem \ 127 StartCom_Ltd..pem \ 128 S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem \ 129 Swisscom_Root_CA_1.pem \ 130 SwissSign_Gold_CA_-_G2.pem \ 131 SwissSign_Platinum_CA_-_G2.pem \ 132 SwissSign_Silver_CA_-_G2.pem \ 133 Taiwan_GRCA.pem \ 134 TC_TrustCenter_Class_2_CA_II.pem \ 135 TC_TrustCenter_Class_3_CA_II.pem \ 136 TC_TrustCenter,_Germany,_Class_2_CA.pem \ 137 TC_TrustCenter,_Germany,_Class_3_CA.pem \ 138 TC_TrustCenter_Universal_CA_I.pem \ 139 TDC_Internet_Root_CA.pem \ 140 TDC_OCES_Root_CA.pem \ 141 Thawte_Personal_Basic_CA.pem \ 142 Thawte_Personal_Freemail_CA.pem \ 143 Thawte_Personal_Premium_CA.pem \ 144 Thawte_Premium_Server_CA.pem \ 145 thawte_Primary_Root_CA.pem \ 146 Thawte_Server_CA.pem \ 147 Thawte_Time_Stamping_CA.pem \ 148 TURKTRUST_Certificate_Services_Provider_Root_1.pem \ 149 TURKTRUST_Certificate_Services_Provider_Root_2.pem \ 150 UTN_DATACorp_SGC_Root_CA.pem \ 151 UTN_USERFirst_Email_Root_CA.pem \ 152 UTN_USERFirst_Hardware_Root_CA.pem \ 153 UTN-USER_First-Network_Applications.pem \ 154 UTN_USERFirst_Object_Root_CA.pem \ 155 ValiCert_Class_1_VA.pem \ 156 ValiCert_Class_2_VA.pem \ 157 Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem \ 158 Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem \ 159 Verisign_Class_1_Public_Primary_Certification_Authority.pem \ 160 Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem \ 161 Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem \ 162 Verisign_Class_2_Public_Primary_Certification_Authority.pem \ 163 Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem \ 164 Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem \ 165 VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem \ 166 Verisign_Class_3_Public_Primary_Certification_Authority.pem \ 167 Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem \ 168 Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.pem \ 169 Verisign_RSA_Secure_Server_CA.pem \ 170 Verisign_Time_Stamping_Authority_CA.pem \ 171 Visa_eCommerce_Root.pem \ 172 Visa_International_Global_Root_2.pem \ 173 Wells_Fargo_Root_CA.pem \ 174 WellsSecure_Public_Root_Certificate_Authority.pem \ 175 XRamp_Global_CA_Root.pem 176 177IETCCAFILES += $(CAFILES:%=$(ROOTETCCADIR)/%) 178 179$(ROOTETCCADIR)/%: $(CASRCDIR)/% 180 $(INS.file); \ 181 ROOTCALINK=$(ROOTETCCALINKDIR)/`$(OPENSSL) x509 -noout -hash -in $<`.0; \ 182 $(RM) $$ROOTCALINK; \ 183 $(LN) -s $(CATARGDIR)/$(@F) $$ROOTCALINK 184