OK, I'm starting to put together a page so the user can create ca-bundle. The raw certificates can be fetched with
wget --output-document certdata.txt \ http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 There are two scripts used now: mkblfsca.sh and mkcert.pl. They total 125 lines. I'm not sure how to present this. I could put the scripts in a tarball, but that seems like overkill for about 3K of scripts. My inclination is to just put the scripts in the book and tell the user to place them in /root, fetch the certdata, and run the scripts. We might want to do an install of of the directory /etc/ssl/certs to make sure it exists. Placing the scripts in /root is a bit unusual, but really, only root should be touching CA Certificates. Thoughts? -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
