crypto: update root certificates #13279
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority
nodejs-github-bot
added
c++
sam-github
approved these changes
May 29, 2017
cjihrig
approved these changes
May 29, 2017
|
This would have to be fast tracked and landed today in order to make it in to 8.0.0. Side note: we really need to be more diligent about not pushing these types of things in at the last minute. The release was delayed a month and things are still coming in last minute. |
jasnell
approved these changes
May 29, 2017
|
Given the signoff and the green CI, I'm going to land this so that I can get it into 8.0.0 |
jasnell
pushed a commit
that referenced
this pull request
May 29, 2017
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
jasnell
pushed a commit
that referenced
this pull request
May 29, 2017
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
jasnell
pushed a commit
that referenced
this pull request
May 29, 2017
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
jasnell
pushed a commit
that referenced
this pull request
May 29, 2017
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
gibfahn
added
baking-for-lts
|
Should land with #12402, see #12402 (comment) |
MylesBorins
pushed a commit
that referenced
this pull request
Jul 14, 2017
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Jul 14, 2017
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
added
land-on-v6.x
and removed
lts-watch-v6.x
baking-for-lts
Merged
4 tasks
|
backported: #14482 |
MylesBorins
added a commit
that referenced
this pull request
Aug 1, 2017
This LTS release comes with 221 commits. This includes 80 which are
test related, 52 which are doc related, 32 which are build / tool
related and 10 commits which are updates to dependencies.
Notable Changes:
* configure:
- add mips64el to valid_arch (Aditya Anand)
- #13620
* crypto:
- Updated root certificates based on [NSS 3.30] (Ben Noordhuis)
- #13279
- #12402
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30_release_notes
* deps:
- upgrade OpenSSL to version 1.0.2.l (Shigeki Ohtsu)
- #12913
* http:
- parse errors are now reported when NODE_DEBUG=http (Sam Roberts)
- #13206
- Agent construction can now be envoked without `new` (cjihrig)
- #12927
* zlib:
- node will now throw an Error when zlib rejects the value of windowBits,
instead of crashing (Alexey Orlenko)
- #13098
PR-URL: #14356
MylesBorins
added a commit
that referenced
this pull request
Aug 1, 2017
This LTS release comes with 221 commits. This includes 80 which are
test related, 52 which are doc related, 32 which are build / tool
related and 10 commits which are updates to dependencies.
Notable Changes:
* configure:
- add mips64el to valid_arch (Aditya Anand)
- #13620
* crypto:
- Updated root certificates based on [NSS 3.30] (Ben Noordhuis)
- #13279
- #12402
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30_release_notes
* deps:
- upgrade OpenSSL to version 1.0.2.l (Shigeki Ohtsu)
- #12913
* http:
- parse errors are now reported when NODE_DEBUG=http (Sam Roberts)
- #13206
- Agent construction can now be envoked without `new` (cjihrig)
- #12927
* zlib:
- node will now throw an Error when zlib rejects the value of windowBits,
instead of crashing (Alexey Orlenko)
- #13098
PR-URL: #14356
MylesBorins
pushed a commit
that referenced
this pull request
Aug 16, 2017
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Aug 16, 2017
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Closed
MylesBorins
pushed a commit
that referenced
this pull request
Oct 25, 2017
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Oct 25, 2017
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: #13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Merged
MylesBorins
added a commit
that referenced
this pull request
Nov 6, 2017
Notable Changes:
* **crypto**:
- update root certificates (Ben Noordhuis)
#13279
- update root certificates (Ben Noordhuis)
#12402
* **deps**:
- add support for more modern versions of INTL (Bruno Pagani)
#13040
- upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
#16691
- upgrade openssl sources to 1.0.2l (Daniel Bevenius)
#13233
PR-URL: #16500
MylesBorins
added a commit
that referenced
this pull request
Nov 7, 2017
Notable Changes:
* **crypto**:
- update root certificates (Ben Noordhuis)
#13279
- update root certificates (Ben Noordhuis)
#12402
* **deps**:
- add support for more modern versions of INTL (Bruno Pagani)
#13040
- upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
#16691
- upgrade openssl sources to 1.0.2l (Daniel Bevenius)
#13233
PR-URL: #16500
abhishekumar-tyagi
pushed a commit
to abhishekumar-tyagi/node
that referenced
this pull request
May 5, 2024
This is the certdata.txt[0] that ships in NSS 3.30.2, released on 2017-04-20. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_30_2_RTM/lib/ckfw/builtins/certdata.txt PR-URL: nodejs/node#13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
abhishekumar-tyagi
pushed a commit
to abhishekumar-tyagi/node
that referenced
this pull request
May 5, 2024
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 Certificates removed: - ApplicationCA - Japanese Government - Microsec e-Szigno Root CA - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 - WellsSecure Public Root Certificate Authority PR-URL: nodejs/node#13279 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Refs #12402 and particularly this comment:
3.31 won't be released until next month but 3.30 is here and is what ships in Firefox 54.
Certificates added:
Certificates removed:
Ideally this should go into 8.0.0. cc @nodejs/crypto @jasnell
CI: https://ci.nodejs.org/job/node-test-pull-request/8357/