Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

28 lines (21 sloc) 1.049 kb
===========================================================================
$NetBSD: MESSAGE,v 1.3 2011/06/10 16:23:45 drochner Exp $
Execute these commands to extract and rehash all CA root certificates
distributed by the Mozilla Project, so that they can be used by third
party applications using OpenSSL:
# cd /etc/openssl/certs # Default SSLCERTS path for NetBSD
# mozilla-rootcerts extract
# mozilla-rootcerts rehash
To create a single file certificate bundle in PEM format which can
be used by applications using GnuTLS, do the following:
# mkdir -p /etc/ssl/certs
# cd /etc/ssl/certs
# cat ../../openssl/certs/*.pem >ca-certificates.crt
To mark these certificates as trusted for users of gnupg2, do
the following (assuming default PKG_SYSCONFBASE and a Bourne shell):
# mkdir /usr/pkg/etc/gnupg
# cd /usr/pkg/etc/gnupg
# for c in /etc/openssl/certs/*.pem; do
> openssl x509 -in $c -noout -fingerprint|sed 's|^.*=\(.*\)|\1 S|'
> done > trustlist.txt
===========================================================================
Jump to Line
Something went wrong with that request. Please try again.