mirror of
https://abf.rosa.ru/djam/rootcerts.git
synced 2025-02-23 16:52:57 +00:00
Add Russian root certificates, update bundle
This commit is contained in:
Mikhail Novosyolov
parent
7ac8c4511a
commit
be78752e9b
4 changed files with 5884 additions and 4359 deletions
1
.abf.yml
1
.abf.yml
|
|
@ -1,2 +1,3 @@
|
|||
sources:
|
||||
RootCa_SSL_RSA.zip: 167af4dbc50bcc17cf09b51a364df67d69711bf7
|
||||
trust-fixes: adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
|
||||
|
|
|
|||
10214
certdata.txt
10214
certdata.txt
File diff suppressed because it is too large
Load diff
|
|
@ -22,8 +22,8 @@ Name: rootcerts
|
|||
# BuildRequires: rootcerts >= 0:20070402.00, for example
|
||||
# - NEVER specifying the %%{release}
|
||||
Epoch: 1
|
||||
Version: 20200910.00
|
||||
Release: 3
|
||||
Version: 20220927.00
|
||||
Release: 1
|
||||
License: GPL
|
||||
Group: System/Servers
|
||||
URL: %{disturl}
|
||||
|
|
@ -50,6 +50,8 @@ Source5: ca-legacy.conf
|
|||
Source6: ca-legacy
|
||||
Source9: ca-legacy.8.txt
|
||||
Source10: update-ca-trust.8.txt
|
||||
# https://www.gosuslugi.ru/tls
|
||||
Source11: https://gu-st.ru/content/lending/RootCa_SSL_RSA.zip
|
||||
BuildRequires: python3
|
||||
BuildRequires: openssl
|
||||
BuildRequires: nss
|
||||
|
|
@ -62,6 +64,10 @@ BuildRequires: javapackages-tools
|
|||
BuildRequires: docbook-xsl
|
||||
BuildRequires: asciidoc
|
||||
BuildRequires: xsltproc
|
||||
Recommends: (%{name}-russia if locales-ru)
|
||||
# have rootcerts-russia installed before update-ca-trust is run
|
||||
# TODO: convert %%post into filetriggers
|
||||
OrderWithRequires(post): %{name}-russia
|
||||
Requires(post): coreutils
|
||||
Requires(post): p11-kit
|
||||
Requires(post): p11-kit-trust
|
||||
|
|
@ -81,6 +87,18 @@ in both plain text and PEM format and therefore can be directly used
|
|||
with an Apache/mod_ssl webserver for SSL client authentication. Just
|
||||
configure this file as the SSLCACertificateFile.
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
|
||||
%package russia
|
||||
Summary: Root certificates of Russian government (Mintsyfra)
|
||||
Url: https://www.gosuslugi.ru/tls
|
||||
Requires: %{name}
|
||||
|
||||
%description russia
|
||||
Root certificates of Russian government (Mintsyfra)
|
||||
|
||||
#--------------------------------------------------------------------
|
||||
|
||||
%if %{with java}
|
||||
%package java
|
||||
Summary: Bundle of CA Root Certificates for Java
|
||||
|
|
@ -209,6 +227,9 @@ mkdir -p -m 755 %{buildroot}%{_datadir}/pki/ca-trust-legacy
|
|||
install -p -m 644 %{name}/%{legacy_default_bundle} %{buildroot}%{_datadir}/pki/ca-trust-legacy/%{legacy_default_bundle}
|
||||
install -p -m 644 %{name}/%{legacy_disable_bundle} %{buildroot}%{_datadir}/pki/ca-trust-legacy/%{legacy_disable_bundle}
|
||||
|
||||
unzip %{SOURCE11}
|
||||
install -m0644 rootca_ssl_rsa2022.cer %{buildroot}%{catrustdir}/source/anchors/russia_rsa2022.cer
|
||||
|
||||
%if %with java
|
||||
install -d %{buildroot}%{_sysconfdir}/pki/java
|
||||
%endif
|
||||
|
|
@ -305,3 +326,5 @@ ln -s %{catrustdir}/extracted/%{java_bundle} \
|
|||
%config(noreplace) %{_sysconfdir}/pki/java/cacerts
|
||||
%endif
|
||||
|
||||
%files russia
|
||||
%{catrustdir}/source/anchors/russia_rsa2022.cer
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
|
||||
Loading…
Add table
Reference in a new issue