crypto: update root certificates by bnoordhuis · Pull Request #19322 · nodejs/node
added 4 commits
March 13, 2018 16:46
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China
The previous commit removed the CNNIC root certificates and makes the test/parallel/test-tls-cnnic-whitelist.js test fail with an UNABLE_TO_VERIFY_LEAF_SIGNATURE error instead of the "expected" CERT_REVOKED error. "Expected" between scare quotes because of course the new error is not unexpected.
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015.
nodejs-github-bot
added
c++
labels
Mar 13, 2018MylesBorins pushed a commit that referenced this pull request
Mar 26, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 26, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request
Mar 27, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China PR-URL: nodejs#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request
Mar 27, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. PR-URL: nodejs#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request
Mar 27, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. PR-URL: nodejs#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request
Mar 27, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China PR-URL: nodejs#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
bnoordhuis added a commit to bnoordhuis/io.js that referenced this pull request
Mar 27, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. PR-URL: nodejs#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This was referenced
Mar 27, 2018MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China Backport-PR-URL: #19631 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. Backport-PR-URL: #19631 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China Backport-PR-URL: #19634 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. Backport-PR-URL: #19634 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China Backport-PR-URL: #19632 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. Backport-PR-URL: #19632 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China Backport-PR-URL: #19633 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Mar 28, 2018
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. Backport-PR-URL: #19633 PR-URL: #19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Pranay180420 pushed a commit to Pranay180420/Node.jsforme that referenced this pull request
Feb 17, 2025
Pranay180420 pushed a commit to Pranay180420/Node.jsforme that referenced this pull request
Feb 17, 2025
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GDCA TrustAUTH R5 ROOT - SSL.com EV Root Certification Authority ECC - SSL.com EV Root Certification Authority RSA R2 - SSL.com Root Certification Authority ECC - SSL.com Root Certification Authority RSA - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 Certificates removed: - ACEDICOM Root - AddTrust Low-Value Services Root - AddTrust Public Services Root - AddTrust ualified Certificates Root - CA Disig Root R1 - Camerfirma Chambers of Commerce Root - Camerfirma Global Chambersign Root - CA WoSign ECC Root - Certification Authority of WoSign G2 - Certinomis - Autorité Racine - Certum Root CA - China Internet Network Information Center EV Certificates Root - CNNIC ROOT - Comodo Secure Services root - Comodo Trusted Services root - DST ACES CA X6 - GeoTrust Global CA 2 - PSCProcert - Security Communication EV RootCA1 - StartCom Certification Authority - StartCom Certification Authority - StartCom Certification Authority G2 - Swisscom Root CA 1 - Swisscom Root CA 2 - Swisscom Root EV CA 2 - TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3 - TURKTRUST Certificate Services Provider Root 2007 - UTN USERFirst Hardware Root CA - WoSign - WoSign China Backport-PR-URL: nodejs/node#19634 PR-URL: nodejs/node#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Pranay180420 pushed a commit to Pranay180420/Node.jsforme that referenced this pull request
Feb 17, 2025
Remove the CNNIC certificates again and remove the whitelist from commit 3beb880 ("crypto: add cert check to CNNIC Whitelist") from June 2015. Backport-PR-URL: nodejs/node#19634 PR-URL: nodejs/node#19322 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters