Update the extracted cURL SSL CA bundle
ClosedPublic
Actions

Authored by epriestley on Dec 2 2021, 10:55 PM.

Details

Reviewers: None
Commits: rARC13d3a3c3b100: Update the extracted cURL SSL CA bundle

Summary

This default CA bundle file hasn't been updated since 2016. Update it to the current cURL extraction.

I believe this is notably impactful because of a new "Let's Encrypt" certificate, but didn't hunt down the particulars.

Test Plan

Confirmed the hash matches the published hash:

$ openssl dgst -sha256 resources/ssl/default.pem 
SHA256(resources/ssl/default.pem)= ae31ecb3c6e9ff3154cb7a55f017090448f88482f0e94ac927c0c67a1f33b9cf

This assurance is fairly meaningless since both the hash and file are published on curl.se. It didn't get corrupted by stellar radiation before it made it into Git, at least?

Diff Detail

Repository

rARC Arcanist

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley created this revision.Dec 2 2021, 10:55 PM

Harbormaster completed remote builds in B25596: Diff 51801.Dec 2 2021, 10:56 PM

This revision was not accepted when it landed; it landed in state Needs Review.Dec 2 2021, 10:56 PM

This revision was landed with ongoing or failed builds.

epriestley requested review of this revision.

Closed by commit rARC13d3a3c3b100: Update the extracted cURL SSL CA bundle (authored by epriestley). · Explain Why

This revision was automatically updated to reflect the committed changes.

epriestley added a commit: rARC13d3a3c3b100: Update the extracted cURL SSL CA bundle.

Revision Contents
Changeset List

Path

Size

resources/

ssl/

default.pem

3219 lines

Diff 51802

View Options

Update the extracted cURL SSL CA bundleClosedPublicActions