Age | Commit message (Collapse) | Author |
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
Certificates removed:
- Certplus Class 2 Primary CA
- Deutsche Telekom Root CA 2
PR-URL: https://github.com/nodejs/node/pull/30195
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added: (none)
Certificates removed:
- Certinomis - Root CA
PR-URL: https://github.com/nodejs/node/pull/28808
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
Fixes: https://github.com/nodejs/node/issues/25824
PR-URL: https://github.com/nodejs/node/pull/26415
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ron Korving <ron@ronkorving.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- emSign Root CA - G1
- emSign ECC Root CA - G3
- emSign Root CA - C1
- emSign ECC Root CA - C3
- Hongkong Post Root CA 3
PR-URL: https://github.com/nodejs/node/pull/27374
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- GlobalSign Root CA - R6
- OISTE WISeKey Global Root GC CA
- GTS Root R1
- GTS Root R2
- GTS Root R3
- GTS Root R4
- UCA Global G2 Root
- UCA Extended Validation Root
- Certigna Root CA
Certificates removed:
- Visa eCommerce Root
- TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
- Certplus Root CA G1
- Certplus Root CA G2
- OpenTrust Root CA G1
- OpenTrust Root CA G2
- OpenTrust Root CA G3
PR-URL: https://github.com/nodejs/node/pull/25113
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
|
|
Remove the CNNIC certificates again and remove the whitelist from commit
3beb88071 ("crypto: add cert check to CNNIC Whitelist") from June 2015.
PR-URL: https://github.com/nodejs/node/pull/19322
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- GDCA TrustAUTH R5 ROOT
- SSL.com EV Root Certification Authority ECC
- SSL.com EV Root Certification Authority RSA R2
- SSL.com Root Certification Authority ECC
- SSL.com Root Certification Authority RSA
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
Certificates removed:
- ACEDICOM Root
- AddTrust Low-Value Services Root
- AddTrust Public Services Root
- AddTrust ualified Certificates Root
- CA Disig Root R1
- Camerfirma Chambers of Commerce Root
- Camerfirma Global Chambersign Root
- CA WoSign ECC Root
- Certification Authority of WoSign G2
- Certinomis - Autorité Racine
- Certum Root CA
- China Internet Network Information Center EV Certificates Root
- CNNIC ROOT
- Comodo Secure Services root
- Comodo Trusted Services root
- DST ACES CA X6
- GeoTrust Global CA 2
- PSCProcert
- Security Communication EV RootCA1
- StartCom Certification Authority
- StartCom Certification Authority
- StartCom Certification Authority G2
- Swisscom Root CA 1
- Swisscom Root CA 2
- Swisscom Root EV CA 2
- TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3
- TURKTRUST Certificate Services Provider Root 2007
- UTN USERFirst Hardware Root CA
- WoSign
- WoSign China
PR-URL: https://github.com/nodejs/node/pull/19322
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
Certificates removed:
- ApplicationCA - Japanese Government
- Microsec e-Szigno Root CA
- TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
- WellsSecure Public Root Certificate Authority
PR-URL: https://github.com/nodejs/node/pull/13279
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- AC RAIZ FNMT-RCM
- Amazon Root CA 1
- Amazon Root CA 2
- Amazon Root CA 3
- Amazon Root CA 4
- Certplus Root CA G1
- Certplus Root CA G2
- Hellenic Academic and Research Institutions ECC RootCA 2015
- Hellenic Academic and Research Institutions RootCA 2015
- ISRG Root X1
- LuxTrust Global Root 2
- OpenTrust Root CA G1
- OpenTrust Root CA G2
- OpenTrust Root CA G3
Certificates removed:
- Buypass Class 2 CA 1
- EBG Elektronik Sertifika Hizmet Sağlayıcısı
- IGC/A
- Juur-SK
- RSA Security 2048 v3
- Root CA Generalitat Valenciana
PR-URL: https://github.com/nodejs/node/pull/12402
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
- Certum Trusted Network CA 2
- SZAFIR ROOT CA2
Certificates removed:
- CA Disig
- NetLock Notary (Class A) Root
- Staat der Nederlanden Root CA
PR-URL: https://github.com/nodejs/node/pull/7363
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
|
|
For consistency with the newly added src/base64.h header, check that
NODE_WANT_INTERNALS is defined and set in internal headers.
PR-URL: https://github.com/nodejs/node/pull/6948
Refs: https://github.com/nodejs/node/pull/6910
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
PR-URL: https://github.com/nodejs/node/pull/3951
Reviewed-By: Fedor Indutny <fedor@indutny.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
PR-URL: https://github.com/nodejs/io.js/pull/1833
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
|
|
The host of melissadata.net has a cross root certification between
Starfield Class 2 and ValiCert Class 2. OpenSSL-1.0.1 only looks up
a cert chain to the deprecated ValiCert Class 2 CA and causes
untrusted error. We add it for a short-term remedy and it is to be
removed after upgrading OpenSSSL-1.0.2 and applying private patches
to support alternative cert chains.
See #402 and #589.
Fixes: https://github.com/iojs/io.js/issues/923
PR-URL: https://github.com/iojs/io.js/pull/1135
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
Nolens volens add back a 1024 bits Verisign Class 3 certificate that is
still in use by AWS S3.
Fixes: https://github.com/iojs/io.js/issues/402
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
PR-URL: https://github.com/node-forward/node/pull/7
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Trevor Norris <trevnorris@gmail.com>
|
|
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl and update src/node_crypto.cc to make use of
the new format.
Fixes #6013.
|
|
Details:
https://threatpost.com/en_us/blogs/attackers-obtain-valid-cert-google-domains-mozilla-moves-revoke-it-082911
http://www.coriolis-systems.com/blog/2011/08/diginotar-certificate-security.php
|
|
|
|
|