|
|
Subscribe / Log in / New account

Forgot distros?

Forgot distros?

Posted Aug 28, 2025 6:16 UTC (Thu) by zdzichu (subscriber, #17118)
Parent article: Linux's missing CRL infrastructure

> Most [applications] fill the content of these root stores by copying Mozilla's root store

Uhm, no? Most applications do not deal with cert stores, because there is one store provided and updated by the distribution. It often comes from Mozilla (https://fedoraproject.org/wiki/CA-Certificates , https://tracker.debian.org/pkg/ca-certificates ), but distros are competent enough not to botch it.

I don't see why CRL couldn't be managed by distros the same way.

to post comments

Forgot distros?

Posted Aug 28, 2025 7:21 UTC (Thu) by taladar (subscriber, #68407) [Link] (1 responses)

Usually there is (at least) two because the JVM insists on doing its own thing.

Forgot distros?

Posted Aug 28, 2025 8:19 UTC (Thu) by zdzichu (subscriber, #17118) [Link]

On Fedora, Java stack uses system CA list: https://docs.fedoraproject.org/en-US/quick-docs/using-sha...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds