mirror of
https://git.FreeBSD.org/src.git
synced 2025-02-06 18:29:47 +00:00
b25bf676f0
Interested users can blacklist any/all of these with certctl(8), examples:
- mv /usr/share/certs/trusted/... /usr/share/certs/blacklisted/...; \
certctl rehash
- certctl blacklist /usr/share/certs/trusted/*; \
certctl rehash
Certs can be easily examined after installation with `certctl list`, and
certctl blacklist will accept the hashed filename as output by list or as
seen in /etc/ssl/certs
No objection from: secteam
Relnotes: Definite maybe