2016-03-13 20:38:06 +01:00
|
|
|
|
2016-03-14 22:40:29 +01:00
|
|
|
#### Certificate stores
|
2016-03-13 20:38:06 +01:00
|
|
|
|
|
|
|
|
The certificate stores were retrieved by
|
|
|
|
|
|
|
|
|
|
* Mozilla; see https://curl.haxx.se/docs/caextract.html
|
2016-03-13 21:13:03 +01:00
|
|
|
* Linux: Just copied from an up-to-date Linux machine
|
2016-03-13 20:38:06 +01:00
|
|
|
* Microsoft: under Windows >= 7,2008 MS decided not to provide
|
2016-03-14 22:40:29 +01:00
|
|
|
a full certificate store by default/via update as all other OS do.
|
2016-03-13 21:10:00 +01:00
|
|
|
It's being populated with time -- supposed you use e.g. IE while browsing.
|
|
|
|
|
This store was destilled from three different windows installations via
|
2016-03-14 22:40:29 +01:00
|
|
|
certmgr.msc and is an export of "Trusted Root Certification Authorities"
|
2016-03-13 21:10:00 +01:00
|
|
|
--> "Certificates". Third Party Root Certificates were for now deliberately
|
|
|
|
|
omitted. Feedback is welcome, see #317.
|
2016-03-13 20:38:06 +01:00
|
|
|
|
2016-03-13 21:10:00 +01:00
|
|
|
In this directory you can also save e.g. your company Root CA(s) in PEM
|
|
|
|
|
format, extension ``pem``. This has two catches momentarily: You will still
|
2016-03-14 22:40:29 +01:00
|
|
|
get a warning for the other certificate storesthough while scanning internal
|
2016-03-13 21:10:00 +01:00
|
|
|
networks. If you scan other hosts in the internet the check against your
|
|
|
|
|
Root CA will fail, too. This will be fixed in the future, see #230.
|
2016-03-13 20:38:06 +01:00
|
|
|
|
2016-03-13 21:13:03 +01:00
|
|
|
#### Mapping files
|
|
|
|
|
The file ``mapping-rfc.txt`` uses the hexcode to map OpenSSL names
|
|
|
|
|
against the RFC/IANA names. ``curves.txt`` is not being used yet, it
|
|
|
|
|
is supposed to map EC curve names properly.
|
