You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After updating to the 0.24.1 version of p11-kit I've noticed, that the distrusted certificates are no longer being picked up while running trust extract. My current guess is that it's related to the changes made in #324, where the source subdirectory has been changed from "blacklist" to "blocklist". This seems to be breaking backward compatibility and can cause regressions.
To protect ourselves from similar changes in the future, is there a build switch (a set of switches) similar to with-trust-paths but allowing to provide exact paths to all directories scanned while looking for source source certificates? I wasn't able to find one while going through the build documentation but perhaps I missed something.
Alternatively, the documentation mentions a way to customize the tools but I couldn't find the tools/p11-kit-trust-extract.in file in the repository or more detailed instructions on what's customizable and how.
Note: I configure the p11-kit build using the --with-trust-paths=<trust_path> switch and so the path for distrusted CAs used to be <trust_path>/blacklist.
The text was updated successfully, but these errors were encountered:
Hello,
After updating to the 0.24.1 version of
p11-kitI've noticed, that the distrusted certificates are no longer being picked up while runningtrust extract. My current guess is that it's related to the changes made in #324, where the source subdirectory has been changed from "blacklist" to "blocklist". This seems to be breaking backward compatibility and can cause regressions.To protect ourselves from similar changes in the future, is there a build switch (a set of switches) similar to
with-trust-pathsbut allowing to provide exact paths to all directories scanned while looking for source source certificates? I wasn't able to find one while going through the build documentation but perhaps I missed something.Alternatively, the documentation mentions a way to customize the tools but I couldn't find the
tools/p11-kit-trust-extract.infile in the repository or more detailed instructions on what's customizable and how.Note: I configure the
p11-kitbuild using the--with-trust-paths=<trust_path>switch and so the path for distrusted CAs used to be<trust_path>/blacklist.The text was updated successfully, but these errors were encountered: