cURL Docs CA Extract
Automatically converted CA Certs from mozilla.org
We provide automated conversions. The output CA bundle file in PEM format is available from here:
The PEM file contains the datestamp of the conversion and we try to only convert if there's a change in either the script or the source file.
These ca cert bundles do not contain the DigiNotar certificates as Mozilla marks them as untrusted and this script knows the markup for that, but it may contain related certificates that Mozilla (and others) would block using other means. (Like some certs that were cross-signed by Entrust etc). See details in bug #1178.
The mk-ca-bundle.pl script
The exact Mozilla file needed for this job is found within that script.
CA bundle license
This new file is only a converted version of the original one and thus it is licensed under the same licenses as the Mozilla source file: MPL 1.1, GPL v2.0 or LGPL 2.1
Convert from your local Firefox installation
You can also extract the ca certs off your Firefox installation, if you just have the 'certutil' tool installed and run the firefox-db2pem.sh script!
What - no HTTPS?
Yes, pointing out that this contents is not hosted on a HTTPS site is a popular thing to do but really it doesn't help anyone, nor does it bring any news.
Page updated May 6, 2013.
web site info