Wednesday, June 14, 2017

SSL Cert Bundle (Root Certificate Authorities)

Certain tools/scripts require you to specify a Root CA bundle for them to compare SSL certificates against. Below are a couple paths containing downloadable files containing root certificate information:

Curl's Bundle (based off Mozilla, easy to integrate):
http://curl.haxx.se/ca/cacert.pem

Mozilla's Cert text file:
https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt

Chrome:
Chrome uses the underlying certificate store that is already on the machine

Microsoft:
http://aka.ms/RootCertDownload


This github project tracks certificates from different vendors:
https://github.com/kirei/catt

No comments:

Post a Comment