https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246614
--- Comment #6 from Michael Osipov <michael.osi...@siemens.com> --- Went through the given diff, there are still issues with it: * serial should be turned into decimal to avoid confusion * create_blacklisted() is completely ill-designed for several reasons: ** When processing all links must be purged first ** Blacklisted certs should not be linked at all ** using <hash>.r<digit> is wrong because the r suffix is solely reserved for CRLs. Look into c_rehash: elsif($hdr eq "X509 CRL") {$is_crl = 1;..} BUT the rehashing does work: > root@deblndw011x:/etc/ssl/certs > # ll | grep 8dc03e53 > lrwxr-xr-x 1 root wheel 52 2020-08-24 09:54 8dc03e53.0@ -> > ../../../usr/local/etc/ssl/certs/siemens-cert-14.crt > lrwxr-xr-x 1 root wheel 52 2020-08-24 09:54 8dc03e53.1@ -> > ../../../usr/local/etc/ssl/certs/siemens-cert-15.crt > root@deblndw011x:/etc/ssl/certs > # certctl list | grep "Siemens Internet CA V1.0" > 8dc03e53.0 Siemens Internet CA V1.0 -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"