On 2004-04-09 at 11:55:41+01 Joe Orton <jorton@xxxxxxxxxx> wrote: > On Fri, Apr 09, 2004 at 06:09:58AM -0400, James Ralston wrote: > > > Has anyone figured out a way to extract the root CA certs from > > Mozilla into individually PEM-encoded certs? > > We were looking into this a while back, to see whether we could > include the Mozilla root CA bundle in the OpenSSL package... it > wasn't clear whether we could because of the > licensing. (certdata.txt is licensed under the MPL) Ah. > Debian have a "ca-certificates" package, the source of which > includes a Ruby script which converts Mozilla's certdata.txt into a > set of PEM files (attached). That's exactly what I needed. Thanks much for the pointer! James
