On Monday 29 May 2006 21:21, Mark Wielaard wrote: > Hi Raif, > > On Mon, 2006-05-29 at 21:00 +1000, Raif S. Naffah wrote: > > On Monday 29 May 2006 20:02, Mark Wielaard wrote: > > > On Mon, 2006-05-22 at 21:42 +1000, Raif S. Naffah wrote: > > > > my question is: does anybody see any problem, legal or > > > > otherwise, in including our version of this cacerts file which > > > > i named "cacerts.gkr" into the GNU Classpath distribution? > > > > > > I wonder how well that will work with the various distributions. > > > > if by distributions you mean the different VMs that use Classpath > > then this file is not much different than for example > > classpath.security, which is our version of java.security. > > No, I was thinking of the GNU/Linux distros. They seem to have their > own collection of "trusted" ca-certs already. So I was wondering > whether we could somehow reuse those easily (for example during > installation time). That way a user has only one set of ca-certs to > worry about. Since at least for Debian it seems every package using > ssl uses the same set. http://packages.debian.org/ca-certificates > And then we wouldn't have to worry which certificates to include and > where they would come from.
the "openssl x509" command seems to be capable of reading PEM certificates and writing them in X.509 format --which we can then import with keytool. i'll have a closer look. cheers; rsn
pgpYMhLUVZKiM.pgp
Description: PGP signature
