| OLD | NEW |
|---|
| (Empty) |
| 1 # WoSign Certificates | |
| 2 | |
| 3 This directory contains the set of known active and legacy root certificates | |
| 4 operated by WoSign CA Limited, including those of its wholly owned subisiary | |
| 5 StartCom. | |
| 6 | |
| 7 Trust in these root certificates is being phased out, as described at | |
| 8 <https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html> | |
| 9 | |
| 10 ## Roots | |
| 11 | |
| 12 The files in this directory are organized by the SHA-256 hash of the | |
| 13 certificate file, while the policies are based on the SHA-256 hash of | |
| 14 the subjectPublicKeyInfo contained within the certificate. | |
| 15 | |
| 16 The following command can be used to extract the key hashes: | |
| 17 | |
| 18 `` for f in *.pem; do openssl x509 -noout -pubkey -in "${f}" | openssl asn1parse
-inform pem -out /tmp/pubkey.out -noout; digest=`cat /tmp/pubkey.out | openssl
dgst -sha256 -c | sed s/:/,0x/g `; echo "0x${digest} ${f##*/}"; done | sort `` | |
| 19 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2927383002:
Remove the StartCom/WoSign whitelist (Closed)
