Changeset 462878e4
- Timestamp:
- 04/09/2009 06:01:57 AM (15 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 2f5c01ff
- Parents:
- fe9bce8
- Files:
-
- 1 deleted
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
general.ent
rfe9bce8 r462878e4 4 4 --> 5 5 6 <!ENTITY day " 26"> <!-- Always 2 digits -->7 <!ENTITY month "0 3"> <!-- Always 2 digits -->6 <!ENTITY day "09"> <!-- Always 2 digits --> 7 <!ENTITY month "04"> <!-- Always 2 digits --> 8 8 <!ENTITY year "2009"> 9 9 <!ENTITY copyrightdate "2001-&year;"> 10 10 <!ENTITY copyholder "The BLFS Development Team"> 11 11 <!ENTITY version "svn-&year;&month;&day;"> 12 <!ENTITY releasedate " March&day;th, &year;">12 <!ENTITY releasedate "April &day;th, &year;"> 13 13 <!ENTITY pubdate "&year;-&month;-&day;"> <!-- metadata req. by TLDP --> 14 14 <!ENTITY blfs-version "svn"> <!-- svn|[release #] --> … … 61 61 62 62 <!ENTITY openssl-version "0.9.8j"> 63 <!ENTITY ca-bundle-version "20090409"> 63 64 <!ENTITY gnutls-version "1.6.3"> 64 65 <!ENTITY cracklib-version "2.8.13"> -
introduction/welcome/changelog.xml
rfe9bce8 r462878e4 42 42 --> 43 43 <listitem> 44 <para>April 9th, 2009</para> 45 <itemizedlist> 46 <listitem> 47 <para>[dj] - Removed Root Certificates page and added ca-bundle 48 instructions to OpenSSL page.</para> 49 </listitem> 50 </itemizedlist> 51 </listitem> 52 53 <listitem> 44 54 <para>March 26th, 2009</para> 45 55 <itemizedlist> -
postlfs/security/openssl.xml
rfe9bce8 r462878e4 9 9 <!ENTITY openssl-md5sum "a5cb5f6c3d11affb387ecf7a997cac0c"> 10 10 <!ENTITY openssl-size "3.7 MB"> 11 <!ENTITY openssl-buildsize "45 MB"> 12 <!ENTITY openssl-time "1.2 SBU (additional 0.3 SBU to run the test suite)"> 11 <!ENTITY ca-bundle-download "http://anduin.linuxfromscratch.org/files/BLFS/BLFS-ca-bundle-&ca-bundle-version;.tar.bz2"> 12 <!ENTITY ca-bundle-size "192 KB"> 13 <!ENTITY ca-bundle-md5sum "a5e85c3df9ef9a192eb5e5cdf94ebb72"> 14 <!ENTITY openssl-buildsize "47 MB"> 15 <!ENTITY openssl-time "1.3 SBU (additional 0.3 SBU to run the test suite)"> 13 16 ]> 14 17 … … 51 54 </listitem> 52 55 <listitem> 56 <para>CA Bundle Download: <ulink url="&ca-bundle-download;"/></para> 57 </listitem> 58 <listitem> 59 <para>CA Bundle size: &ca-bundle-size;</para> 60 </listitem> 61 <listitem> 62 <para>CA Bundle MD5 sum: &ca-bundle-md5sum;</para> 63 </listitem> 64 <listitem> 53 65 <para>Estimated disk space required: &openssl-buildsize;</para> 54 66 </listitem> … … 70 82 <bridgehead renderas="sect4">Recommended</bridgehead> 71 83 <para role="recommended"><xref linkend="bc"/>(if you run the test suite 72 during the build) and <xref linkend="rootcerts"/></para>84 during the build)</para> 73 85 74 86 <bridgehead renderas="sect4">Optional</bridgehead> … … 88 100 89 101 <screen><userinput>patch -Np1 -i ../openssl-&openssl-version;-fix_manpages-1.patch && 102 tar -vxf ../BLFS-ca-bundle-&ca-bundle-version;.tar.bz2 && 90 103 ./config --prefix=/usr \ 91 104 --openssldir=/etc/ssl \ … … 115 128 /usr/share/doc/openssl-&openssl-version;</userinput></screen> 116 129 130 <para>While still the <systemitem class="username">root</systemitem> user, 131 create a single file that contains all of the installed certificates:</para> 132 133 <screen role="root"><userinput>for pem in /etc/ssl/certs/*.pem 134 do 135 cat $pem 136 echo "" 137 done > /etc/ssl/ca-bundle.crt</userinput></screen> 138 117 139 </sect2> 118 140 119 141 <sect2 role="commands"> 120 142 <title>Command Explanations</title> 143 144 <para> 145 <command>tar -vxf ../BLFS-ca-bundle-&ca-bundle-version;.tar.bz2</command>: 146 OpenSSL no longer includes any root certificates. This package adds root 147 certificates as provided by mozilla.org.</para> 121 148 122 149 <para><parameter>shared</parameter>: This parameter forces the creation of … … 148 175 use of <filename>libz.so</filename> for compression/decompression.</para> --> 149 176 150 <para><command>cp -v -r certs /etc/ssl</command>: This package no longer 151 ships CA certificates. This commands installs documentation and sample 152 certificates as examples should one want to create/install their own 153 certificates.</para> 177 <para><command>cp -v -r certs /etc/ssl</command>: This installs both the 178 sample certificates and documentation included with OpenSSL, and the 179 certificates that were extrated from the BLFS-ca-bundle-&ca-bundle-version; 180 package.</para> 181 182 <para><command>for pem in /etc/ssl/certs/*.pem...</command>: This group of 183 commands creates a single-file certificate bundle 184 (<filename>/etc/ssl/ca-bundle.crt</filename>) that is usable by many 185 other software packages. <filename>ca-bundle.crt</filename> should be 186 recreated anytime that a certificate is added to 187 <filename class="directory">/etc/ssl/certs</filename>.</para> 154 188 155 189 </sect2> -
postlfs/security/security.xml
rfe9bce8 r462878e4 40 40 "signatures" and compares for files that have been changed.</para> 41 41 42 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="rootcerts.xml"/>43 42 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openssl.xml"/> 44 43 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="gnutls.xml"/>
Note:
See TracChangeset
for help on using the changeset viewer.