provide latest OS root certificates via port?
cvfgx at icloud.com
cvfgx at icloud.com
Sat Oct 30 14:02:46 UTC 2021
hi all,
as much as i appreciate every discussion, i would kindly ask everybody to refrain from posting links pointing at actual downloads
my 0.02$
x
> On 30 Oct 2021, at 2:49 PM, Al Varnell via macports-users <macports-users at lists.macports.org> wrote:
>
> I see that I already have the latest ISRG Root X1 certificate in the System Roots keychain, so not sure why I would need to add it to my System keychain.
>
> And when I went to https://letsencrypt.org/certs/isrgrootx1.pem <https://letsencrypt.org/certs/isrgrootx1.pem> to download, it showed up as a .cer instead of a .pem.
>
> -Al-
>
>> On Oct 29, 2021, at 10:25 PM, Michael <keybounce at gmail.com <mailto:keybounce at gmail.com>> wrote:
>>
>> So I found this advice online for updating certs without having to worry about trusting expired old certs.
>>
>> 1. Visit https://letsencrypt.org/certs/isrgrootx1.pem <https://letsencrypt.org/certs/isrgrootx1.pem> to download the certificate, and save it in the Documents folder.
>>
>> 2. Open Terminal, paste this command, and press enter:
>>
>> sudo security -v add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" ~/Documents/isrgrootx1.pem
>>
>> This eliminates the need for marking the expired DST root as special-case trusted.
>
>
> Powered by Mailbutler <https://www.mailbutler.io/?utm_source=watermark&utm_medium=email&utm_campaign=watermark-variant-primary>, the email extension that does it all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20211030/3d794605/attachment.htm>
More information about the macports-users
mailing list