Commit graph

12 commits

Author SHA1 Message Date
Christian Hesse
b0e52aa2d1 global-functions: $GetMacVendor: requires certificate "Cloudflare Inc ECC CA-3" now 2021-02-24 21:48:36 +01:00
Christian Hesse
97ade535d9 certs: add plain text info about certificates
Also order certificates, so we have:
 * intermediate
 * root
 * alternative root, if any

Let's add 'ISRG Root X1' for 'E1' as there will be a valid cross-signed
chain 'E1' -> 'ISRG Root X2' -> 'ISRG Root X1'.
2020-12-30 00:45:11 +01:00
Christian Hesse
05a9531dac certs: remove Let's Encrypt Authority X3 2020-12-18 20:32:29 +01:00
Christian Hesse
50199a57a0 certs: add new Let's Encrypt certificates
https://letsencrypt.org/certificates/
2020-12-17 21:58:53 +01:00
Christian Hesse
3589416840 add certificate 'GTS CA 1O1'
This is used by DNS over HTTPS services:

https://dns.google/dns-query
2020-06-10 11:08:18 +02:00
Christian Hesse
8a88743e9f add certificate 'DigiCert ECC Secure Server CA'
This is used by DNS over HTTPS services:

https://cloudflare-dns.com/dns-query
https://dns9.quad9.net/dns-query (secured)
https://dns10.quad9.net/dns-query (unsecured)

https://github.com/curl/curl/wiki/DNS-over-HTTPS
2020-03-20 12:07:11 +01:00
Christian Hesse
42834e9de1 global-functions: $CertificateAvailable: fetch by CommonName
Now that we have a proper $UrlEncode function... Fetch certificates
by CommonName.

Also remove the PEM after import.
2019-04-30 16:52:53 +02:00
Christian Hesse
bc36fb74c3 update-tunnelbroker: verify certificate 2019-01-02 15:02:42 +01:00
Christian Hesse
f4673928ef global-functions: make $CertificateAvailable work on CommonName
This should prevent endless certificate switching for Let's Encrypt
cross-signed intermediate certificates.
2018-12-20 22:21:00 +01:00
Christian Hesse
abdc9b0cbd README: add Root CA certificate DST Root CA X3
This is used by Let's Encrypt to cross-sign.
2018-12-20 17:25:23 +01:00
Christian Hesse
f111669673 README: download certificates from repository 2018-10-16 16:31:57 +02:00
Christian Hesse
d81e1bf195 global-functions: import certificates if required
Signed-off-by: Christian Hesse <mail@eworm.de>
2018-10-16 16:06:25 +02:00