provide latest OS root certificates via port?

cvfgx at icloud.com cvfgx at icloud.com
Sat Oct 30 14:02:46 UTC 2021


hi all,

as much as i appreciate every discussion, i would kindly ask everybody to refrain from posting links pointing at actual downloads
my 0.02$

x

> On 30 Oct 2021, at 2:49 PM, Al Varnell via macports-users <macports-users at lists.macports.org> wrote:
> 
> I see that I already have the latest ISRG Root X1 certificate in the System Roots keychain, so not sure why I would need to add it to my System keychain.
> 
> And when I went to https://letsencrypt.org/certs/isrgrootx1.pem <https://letsencrypt.org/certs/isrgrootx1.pem> to download, it showed up as a .cer instead of a .pem.
> 
> -Al-
> 
>> On Oct 29, 2021, at 10:25 PM, Michael <keybounce at gmail.com <mailto:keybounce at gmail.com>> wrote:
>> 
>> So I found this advice online for updating certs without having to worry about trusting expired old certs.
>> 
>> 1. Visit https://letsencrypt.org/certs/isrgrootx1.pem <https://letsencrypt.org/certs/isrgrootx1.pem> to download the certificate, and save it in the Documents folder.
>> 
>> 2. Open Terminal, paste this command, and press enter:
>> 
>> sudo security -v add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" ~/Documents/isrgrootx1.pem
>> 
>> This eliminates the need for marking the expired DST root as special-case trusted.
> 
>          
> Powered by Mailbutler <https://www.mailbutler.io/?utm_source=watermark&utm_medium=email&utm_campaign=watermark-variant-primary>, the email extension that does it all

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20211030/3d794605/attachment.htm>


More information about the macports-users mailing list