Details
-
Task
-
Resolution: Unresolved
-
Major
-
None
-
None
Description
Syncing our caroots.inf with Mozilla's certificate data currently involves gathering scripts and links from a Jira ticket and running a specialized CMake command.
Ideally this process should be integrated with our build system such that:
- caroots.inf is not updated automatically but the update can be done with a simple command within the build, e.g. ninja caroots_update
- the script checks whether any certificates changed before touching the file (so that you don't get annoying updates where only the date line in the header comment is changed)
- we can perform some kind of validation of the changes (ideally bugzilla links for each added/removed cert, but more realistically simply fetching & comparing data from two different sources)
Attachments
Issue Links
- relates to
-
ROSBE-61 Support downloading from secure SSL/HTTPS links / Build cmake's libcurl with SSL support
-
- Resolved
-
-
-
- Resolved
-