--- generate-cacerts.pl 2008-07-05 19:59:02.000000000 +0300 +++ generate-cacerts.pl.2 2008-07-05 20:06:42.000000000 +0300 @@ -76,16 +76,14 @@ { $cert_alias = "verisignclass2g3ca"; } - elsif ($cert =~ /Class 3 Public Primary Certification Authority$/) - { - $cert_alias = "verisignclass3ca"; - } + # "Class 3 Public Primary Certification Authority" is duplicated, + # so using serial number to match it. + # Version 1 of Class 3 Public Primary Certification Authority # - G2 is added. Version 3 is excluded. See below. - elsif ($cert =~ /Class 3 Public Primary Certification Authority - G2/) - { - $cert_alias = "verisignclass3g2ca"; - } + + # "Class 3 Public Primary Certification Authority - G2" is duplicated, + # so using serial number to match it. elsif ($cert =~ /VeriSign Class 3 Public Primary Certification Authority - G3/) { @@ -234,6 +232,14 @@ # trustcenterclass2caii # trustcenterclass4caii # trustcenteruniversalcai + elsif ($cert_alias eq "VERISIGNCLASS3CA") + { + $cert_alias = "verisignclass3ca"; + } + elsif ($cert_alias eq "VERISIGNCLASS3G2CA") + { + $cert_alias = "verisignclass3g2ca"; + } else { # Generate an alias using the OU and CN attributes of the @@ -264,6 +270,14 @@ $cert_alias = "extra-$_"; } } + elsif ($cert =~ /70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf/) + { + $cert_alias = "VERISIGNCLASS3CA"; + } + elsif ($cert =~ /7d:d9:fe:07:cf:a8:1e:b7:10:79:67:fb:a7:89:34:c6/) + { + $cert_alias = "VERISIGNCLASS3G2CA"; + } # When it attempts to parse: # # Class 3 Public Primary Certification Authority - G2, Version 3 @@ -308,7 +322,8 @@ print PEM $cert; close(PEM); } - $write_current_cert = 1 + $write_current_cert = 1; + $cert_alias .= "-alt"; } else {