Package: ca-certificates
Version: 20130906
Severity: wishlist
File: /usr/sbin/update-ca-certificates
Dear Maintainer,
I have cluster of hosts with synchronized /etc/things selected
(/etc/ca-certificates.conf, /etc/ssl, /usr/local/share/ca-certificates
beside others). Problem with update-ca-certificates is, that it reads
local certificates /usr/local/share/ca-certificates using find and the
order of certs in the bundle differs (is based on directory read order)
:(.
Is it possible to add sort after find, so the order will be deterministic?
--- /usr/sbin/update-ca-certificates~ 2013-10-22 17:36:21.953351000 +0200
+++ /usr/sbin/update-ca-certificates 2013-10-22 17:36:42.685350998 +0200
@@ -121,7 +121,7 @@
# administrator.
if [ -d "$LOCALCERTSDIR" ]
then
- find -L "$LOCALCERTSDIR" -type f -name '*.crt' | while read crt
+ find -L "$LOCALCERTSDIR" -type f -name '*.crt' | sort | while read crt
do
add "$crt"
done
Thanks
--
Zito
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.11-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ca-certificates depends on:
ii debconf [debconf-2.0] 1.5.51
ii openssl 1.0.1e-3
ca-certificates recommends no packages.
ca-certificates suggests no packages.
-- debconf information excluded
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
