cmd-crypto/etc/Makefile.ca-links

	Makefile.ca-links revision 70f9559bd0c02885d84a425eaafc8c280df10efb
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2012, OmniTI Computer Consulting, Inc. All rights reserved.

#
# These CA certs are extracted from the NSS database libnssckbi.so.
# Each CA cert is pointed by a symbolic link. The name of the
# symbolic link file is determined by the "hash" value using
# openssl command. When the NSS database is updated, we will extract
# the CA certs out of it and deliver the new set of CA certs.
#

CASRCDIR =	CA-certs
OPENSSL =	/usr/bin/openssl

CAFILES = ABAecom_sub.,_Am._Bankers_Assn._Root_CA.pem	\
	AddTrust_External_Root.pem	\
	AddTrust_Low-Value_Services_Root.pem	\
	AddTrust_Public_Services_Root.pem	\
	AddTrust_Qualified_Certificates_Root.pem	\
	America_Online_Root_Certification_Authority_1.pem	\
	America_Online_Root_Certification_Authority_2.pem	\
	AOL_Time_Warner_Root_Certification_Authority_1.pem	\
	AOL_Time_Warner_Root_Certification_Authority_2.pem	\
	Baltimore_CyberTrust_Root.pem	\
	beTRUSTed_Root_CA-Baltimore_Implementation.pem	\
	beTRUSTed_Root_CA_-_Entrust_Implementation.pem	\
	beTRUSTed_Root_CA.pem	\
	beTRUSTed_Root_CA_-_RSA_Implementation.pem	\
	Camerfirma_Chambers_of_Commerce_Root.pem	\
	Camerfirma_Global_Chambersign_Root.pem	\
	Certigna.pem	\
	Certplus_Class_2_Primary_CA.pem	\
	Certum_Root_CA.pem	\
	Comodo_AAA_Services_root.pem	\
	COMODO_Certification_Authority.pem	\
	COMODO_ECC_Certification_Authority.pem	\
	Comodo_Secure_Services_root.pem	\
	Comodo_Trusted_Services_root.pem	\
	ComSign_CA.pem	\
	ComSign_Secured_CA.pem	\
	Cybertrust_Global_Root.pem	\
	Deutsche_Telekom_Root_CA_2.pem	\
	DigiCert_Assured_ID_Root_CA.pem	\
	DigiCert_Global_Root_CA.pem	\
	DigiCert_High_Assurance_EV_Root_CA.pem	\
	Digital_Signature_Trust_Co._Global_CA_1.pem	\
	Digital_Signature_Trust_Co._Global_CA_2.pem	\
	Digital_Signature_Trust_Co._Global_CA_3.pem	\
	Digital_Signature_Trust_Co._Global_CA_4.pem	\
	DST_ACES_CA_X6.pem	\
	DST_Root_CA_X3.pem	\
	Entrust.net_Global_Secure_Personal_CA.pem	\
	Entrust.net_Global_Secure_Server_CA.pem	\
	Entrust.net_Premium_2048_Secure_Server_CA.pem	\
	Entrust.net_Secure_Personal_CA.pem	\
	Entrust.net_Secure_Server_CA.pem	\
	Entrust_Root_Certification_Authority.pem	\
	ePKI_Root_Certification_Authority.pem	\
	Equifax_Secure_CA.pem	\
	Equifax_Secure_eBusiness_CA_1.pem	\
	Equifax_Secure_eBusiness_CA_2.pem	\
	Equifax_Secure_Global_eBusiness_CA.pem	\
	Firmaprofesional_Root_CA.pem	\
	GeoTrust_Global_CA_2.pem	\
	GeoTrust_Global_CA.pem	\
	GeoTrust_Primary_Certification_Authority.pem	\
	GeoTrust_Universal_CA_2.pem	\
	GeoTrust_Universal_CA.pem	\
	GlobalSign_Root_CA.pem	\
	GlobalSign_Root_CA_-_R2.pem	\
	Go_Daddy_Class_2_CA.pem	\
	GTE_CyberTrust_Global_Root.pem	\
	GTE_CyberTrust_Root_CA.pem	\
	IGC_A.pem	\
	IPS_Chained_CAs_root.pem	\
	IPS_CLASE1_root.pem	\
	IPS_CLASE3_root.pem	\
	IPS_CLASEA1_root.pem	\
	IPS_CLASEA3_root.pem	\
	IPS_Servidores_root.pem	\
	IPS_Timestamping_root.pem	\
	MD5_Collisions_Forged_Rogue_CA_25c3.pem	\
	Microsec_e-Szigno_Root_CA.pem	\
	NetLock_Business_Class_B_Root.pem	\
	NetLock_Express_Class_C_Root.pem	\
	NetLock_Notary_Class_A_Root.pem	\
	NetLock_Qualified_Class_QA_Root.pem	\
	Network_Solutions_Certificate_Authority.pem	\
	OISTE_WISeKey_Global_Root_GA_CA.pem	\
	QuoVadis_Root_CA_2.pem	\
	QuoVadis_Root_CA_3.pem	\
	QuoVadis_Root_CA.pem	\
	RSA_Root_Certificate_1.pem	\
	RSA_Security_1024_v3.pem	\
	RSA_Security_2048_v3.pem	\
	Secure_Global_CA.pem	\
	SecureTrust_CA.pem	\
	Security_Communication_EV_RootCA1.pem	\
	Security_Communication_Root_CA.pem	\
	Sonera_Class_1_Root_CA.pem	\
	Sonera_Class_2_Root_CA.pem	\
	Staat_der_Nederlanden_Root_CA.pem	\
	Starfield_Class_2_CA.pem	\
	StartCom_Certification_Authority.pem	\
	StartCom_Ltd..pem	\
	S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.pem	\
	Swisscom_Root_CA_1.pem	\
	SwissSign_Gold_CA_-_G2.pem	\
	SwissSign_Platinum_CA_-_G2.pem	\
	SwissSign_Silver_CA_-_G2.pem	\
	Taiwan_GRCA.pem	\
	TC_TrustCenter_Class_2_CA_II.pem	\
	TC_TrustCenter_Class_3_CA_II.pem	\
	TC_TrustCenter,_Germany,_Class_2_CA.pem	\
	TC_TrustCenter,_Germany,_Class_3_CA.pem	\
	TC_TrustCenter_Universal_CA_I.pem	\
	TDC_Internet_Root_CA.pem	\
	TDC_OCES_Root_CA.pem	\
	Thawte_Personal_Basic_CA.pem	\
	Thawte_Personal_Freemail_CA.pem	\
	Thawte_Personal_Premium_CA.pem	\
	Thawte_Premium_Server_CA.pem	\
	thawte_Primary_Root_CA.pem	\
	Thawte_Server_CA.pem	\
	Thawte_Time_Stamping_CA.pem	\
	TURKTRUST_Certificate_Services_Provider_Root_1.pem	\
	TURKTRUST_Certificate_Services_Provider_Root_2.pem	\
	UTN_DATACorp_SGC_Root_CA.pem	\
	UTN_USERFirst_Email_Root_CA.pem	\
	UTN_USERFirst_Hardware_Root_CA.pem	\
	UTN-USER_First-Network_Applications.pem	\
	UTN_USERFirst_Object_Root_CA.pem	\
	ValiCert_Class_1_VA.pem	\
	ValiCert_Class_2_VA.pem	\
	Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.pem	\
	Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem	\
	Verisign_Class_1_Public_Primary_Certification_Authority.pem	\
	Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.pem	\
	Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem	\
	Verisign_Class_2_Public_Primary_Certification_Authority.pem	\
	Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.pem	\
	Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.pem	\
	VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem	\
	Verisign_Class_3_Public_Primary_Certification_Authority.pem	\
	Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.pem	\
	Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.pem	\
	Verisign_RSA_Secure_Server_CA.pem	\
	Verisign_Time_Stamping_Authority_CA.pem	\
	Visa_eCommerce_Root.pem	\
	Visa_International_Global_Root_2.pem	\
	Wells_Fargo_Root_CA.pem	\
	WellsSecure_Public_Root_Certificate_Authority.pem	\
	XRamp_Global_CA_Root.pem

IETCCAFILES +=		$(CAFILES:%=$(ROOTETCCADIR)/%)

$(ROOTETCCADIR)/%:    $(CASRCDIR)/%
	$(INS.file); \
	ROOTCALINK=$(ROOTETCCALINKDIR)/`$(OPENSSL) x509 -noout -hash -in $<`.0; \
	$(RM) $$ROOTCALINK; \
	$(LN) -s $(CATARGDIR)/$(@F) $$ROOTCALINK
	-ROOTCALINK=$(ROOTETCCALINKDIR)/`$(OPENSSL) x509 -noout -subject_hash_old -in $< 2>/dev/null`.0; \
	test "$$ROOTCALINK" = "$(ROOTETCCALINKDIR)/.0" || $(RM) $$ROOTCALINK; \
	test "$$ROOTCALINK" = "$(ROOTETCCALINKDIR)/.0" || $(LN) -s $(CATARGDIR)/$(@F) $$ROOTCALINK