Page MenuHomePhorge

Update the extracted cURL SSL CA bundle
ClosedPublic

Authored by jacques on Aug 26 2022, 08:25.

Details

Summary

Updated the default CA bundle file to the 2022-07-19 file from https://curl.se/ca/cacert-2022-07-19.pem

Test Plan

Confirmed the hash matches the published hash:

$ openssl dgst -sha256 resources/ssl/default.pem
SHA256(resources/ssl/default.pem)= 6ed95025fba2aef0ce7b647607225745624497f876d74ef6ec22b26e73e9de77

Diff Detail

Repository
rARC Arcanist
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

jacques created this object with edit policy "Administrators".

Note the ISRG Root X2 has been added here used by Lets Encrypt.

Thank you

I'm not the maintainer, but just trying to help you.

Can I ask what happens if this is not merged?

I mean, probably you encountered a problem that can be easily reproduced, just as an additional reason to merge this.

Thank you for this clarification

Interestingly the cURL website is offline in the related homepage. Here in Internet Archive:

http://web.archive.org/web/20221005040606/https://curl.se/docs/caextract.html

Interestingly the cURL website is offline in the related homepage. Here in Internet Archive:

http://web.archive.org/web/20221005040606/https://curl.se/docs/caextract.html

(I reported this issue upstream via mail using curl-web <at> haxx.se)

chris changed the edit policy from "Administrators" to "Blessed Committers (Project)".May 18 2023, 21:08

I verified the SHA256 manually downloading that from https://curl.se/ca/cacert-2022-07-19.pem

lgtm

This revision is now accepted and ready to land.May 18 2023, 21:09

Hoping to be useful I will land this in 10 days. If you are the author and you are reading this, feel free to land.

Since the user never confirmed the email address and probably cannot follow-up,

Since I double-checked that the file comes from this source:

https://curl.se/ca/cacert-2022-07-19.pem

Since I mentioned 10 days ago about this land, let's land :)