Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

- polishing

Browse Source
This commit is contained in:
Dirk 2016-03-25 11:52:23 +01:00
parent ad8fd1804a
commit c684ba7d9c
1 changed files with 14 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
etc/README.md
View File

@ -5,26 +5,25 @@ The certificate stores were retrieved by
* Mozilla; see https://curl.haxx.se/docs/caextract.html * Mozilla; see https://curl.haxx.se/docs/caextract.html
* Linux: Just copied from an up-to-date Linux machine * Linux: Just copied from an up-to-date Linux machine
* Microsoft: under Windows >= 7,2008 MS decided not to provide * Microsoft: For Windows >= 7/2008 Microsoft decided not to provide
a full certificate store by default/via update as all other OS do. a full certificate store by default or via update as all other OS do.
It's being populated with time -- supposed you use e.g. IE while browsing. It's being populated with time -- supposed you use e.g. IE while browsing.
This store was destilled from three different windows installations via This store was destilled from three different windows installations via
certmgr.msc and is an export of "Trusted Root Certification Authorities" "certmgr.msc". It's a PKCS7 export of "Trusted Root Certification Authorities"
--> "Certificates". Third Party Root Certificates were for now deliberately --> "Certificates".
omitted. Feedback is welcome, see #317. Third Party Root Certificates were for now deliberately omitted.
* Apple.pem : it comes from Apple OS X keychain app Feedback is welcome, see #317.
Open Keychain Access. * Apple: It comes from Apple OS X keychain app. Open Keychain Access.
In the Finder window, under Favorites, click Applications, click Utilities In the Finder window, under Favorites --> "Applications" --> "Utilities"
and then double-click Keychain Access. --> "Keychain Access" (2 click). In that window --> "Keychains" --> "System"
In the Keychain Access window, under Keychains, click System and then --> "Category" --> "All Items"
under Category, click All Items. Select all CA certificates, "File" --> "Export Items"
Select now all CA certificate then File, Export Items
In this directory you can also save e.g. your company Root CA(s) in PEM In this directory you can also save e.g. your company Root CA(s) in PEM
format, extension ``pem``. This has two catches momentarily: You will still format, extension ``pem``. This has two catches momentarily: You will still
get a warning for the other certificate storesthough while scanning internal get a warning for the other certificate stores while scanning internal net-
networks. If you scan other hosts in the internet the check against your works. Second catch: If you scan other hosts in the internet the check against
Root CA will fail, too. This will be fixed in the future, see #230. your Root CA will fail, too. This will be fixed in the future, see #230.
#### Mapping files #### Mapping files
The file ``mapping-rfc.txt`` uses the hexcode to map OpenSSL names The file ``mapping-rfc.txt`` uses the hexcode to map OpenSSL names