Skip to content

Commit b1c5a33

Browse files
drwetterdrwetter
authored
Merge pull request #2192 from drwetter/update_clients1_3.0
Update client simulation for 3.0
2 parents 2ca5311 + 95b687b commit b1c5a33

File tree

6 files changed

+650
-69
lines changed

6 files changed

+650
-69
lines changed

.gitignore

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,16 @@
11
.DS_Store
2+
._.DS_Store
3+
.idea
24
tmp.json
35
*.bak
46
*.json
57
*.csv
68
*.log
79
*.xml
810
*.iml
11+
*.swp
12+
*.orig
13+
*.rej
14+
*.asc
15+
*.diff
16+
*.patch

etc/README.md

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,12 +14,12 @@ The certificate trust stores were retrieved from
1414
--> "Keychain Access" (2 click). In that window --> "Keychains" --> "System"
1515
--> "Category" --> "All Items"
1616
Select all CA certificates except for Developer ID Certification Authority, "File" --> "Export Items"
17-
2. __Internet:__ Pick the latest subdir (=highest number) from https://opensource.apple.com/source/security_certificates/. They are in DER format despite their file extension. Download them with ``wget --level=1 --cut-dirs=5 --mirror --convert-links --adjust-extension --page-requisites --no-parent https://opensource.apple.com/source/security_certificates/security_certificates-*/certificates/roots/``
17+
2. __Internet:__ Pick the latest subdir (=highest number) from https://opensource.apple.com/source/security_certificates/. They are in DER format despite their file extension. Download them with ``wget --level=1 --cut-dirs=5 --mirror --convert-links --adjust-extension --page-requisites --no-parent https://opensource.apple.com/source/security_certificates/security_certificates-*/certificates/roots/``
1818

1919

2020
Google Chromium uses basically the trust stores above, see https://www.chromium.org/Home/chromium-security/root-ca-policy.
2121

22-
If you want to check trust against e.g. a company internal CA you need to use ``./testssl.sh --add-ca companyCA1.pem,companyCA2.pem <further_cmds>`` or ``ADDITIONAL_CA_FILES=companyCA1.pem,companyCA2.pem ./testssl.sh <further_cmds>``.
22+
If you want to check trust against e.g. a company internal CA you need to use ``./testssl.sh --add-ca companyCA1.pem,companyCA2.pem <further_cmds>`` or ``ADDTL_CA_FILES=companyCA1.pem,companyCA2.pem ./testssl.sh <further_cmds>``.
2323

2424

2525
#### Further files
@@ -28,6 +28,8 @@ If you want to check trust against e.g. a company internal CA you need to use ``
2828

2929
* ``cipher-mapping.txt`` contains information about all of the cipher suites defined for SSL/TLS
3030

31+
* ``curves-mapping.txt`` contains information about all of the elliptic curves defined by IANA
32+
3133
* ``ca_hashes.txt`` is used for HPKP test in order to have a fast comparison with known CAs. Use
3234
``~/utils/create_ca_hashes.sh`` for an update
3335

0 commit comments

Comments
 (0)