certs: Add certificate for production key used in Debian signing service
This commit is contained in:
parent
16dec97798
commit
b91655bf3e
|
@ -0,0 +1,22 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDnjCCAoagAwIBAgIRAO1UodWvh0iUjZ+JMu6cfDQwDQYJKoZIhvcNAQELBQAw
|
||||
IDEeMBwGA1UEAxMVRGViaWFuIFNlY3VyZSBCb290IENBMB4XDTE2MDgxNjE4MDkx
|
||||
OFoXDTQ2MDgwOTE4MDkxOFowIDEeMBwGA1UEAxMVRGViaWFuIFNlY3VyZSBCb290
|
||||
IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZXUi5vaEKwuyoI3
|
||||
waTLSsMbQpPCeinTbt1kr4Cv6maiG2GcgwzFa7k1Jf/F++gpQ97OSz3GEk2x7yZD
|
||||
lWjNBBH+wiSb3hTYhlHoOEO9sZoV5Qhr+FRQi7NLX/wU5DVQfAux4gOEqDZI5IDo
|
||||
6p/6v8UYe17OHL4sgHhJNRXAIc/vZtWKlggrZi9IF7Hn7IKPB+bK4F9xJDlQCo7R
|
||||
cihQpZ0h9ONhugkDZsjfTiY2CxUPYx8rr6vEKKJWZIWNplVBrjyIld3Qbdkp29jE
|
||||
aLX89FeJaxTb4O/uQA1iH+pY1KPYugOmly7FaxOkkXemta0jp+sKSRRGfHbpnjK0
|
||||
ia9XeQIDAQABo4HSMIHPMEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAoYlaHR0
|
||||
cHM6Ly9kc2EuZGViaWFuLm9yZy9zZWN1cmUtYm9vdC1jYTAfBgNVHSMEGDAWgBRs
|
||||
zs5+TGwNH2FJ890n38xcu0GeoTAUBglghkgBhvhCAQEBAf8EBAMCAPcwEwYDVR0l
|
||||
BAwwCgYIKwYBBQUHAwMwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8w
|
||||
HQYDVR0OBBYEFGzOzn5MbA0fYUnz3SffzFy7QZ6hMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQB3lj5Hyc4Jz4uJzlntJg4mC7mtqSu9oeuIeQL/Md7+9WoH72ETEXAev5xOZmzh
|
||||
YhKXAVdlR91Kxvf03qjxE2LMg1esPKaRFa9VJnJpLhTN3U2z0WAkLTJPGWwRXvKj
|
||||
8qFfYg8wrq3xSGZkfTZEDQY0PS6vjp3DrcKR2Dfg7npfgjtnjgCKxKTfNRbCcitM
|
||||
UdeTk566CA1Zl/LiKaBETeru+D4CYMoVz06aJZGEP7dax+68a4Cj2f2ybXoeYxTr
|
||||
7/GwQCXV6A6B62v3y//lIQAiLC6aNWASS1tfOEaEDAacz3KTYhjuXJjWs30GJTmV
|
||||
305gdrAGewiwbuNknyFWrTkP
|
||||
-----END CERTIFICATE-----
|
|
@ -12,6 +12,7 @@ linux (4.18~rc7-1~exp1) UNRELEASED; urgency=medium
|
|||
[ Ben Hutchings ]
|
||||
* certs: Remove certificates for test key used in Debian signing service and
|
||||
for my personal signing key
|
||||
* certs: Add certificate for production key used in Debian signing service
|
||||
|
||||
-- Uwe Kleine-König <ukleinek@debian.org> Sat, 21 Jul 2018 16:52:01 +0200
|
||||
|
||||
|
|
|
@ -71,7 +71,7 @@ CONFIG_EFI_PARTITION=y
|
|||
#. Signatures are added in linux-signed
|
||||
CONFIG_MODULE_SIG_KEY=""
|
||||
#. Actually a file containing X.509 certificates, not keys
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/debian-uefi-ca.pem"
|
||||
|
||||
##
|
||||
## file: crypto/Kconfig
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
## file: certs/Kconfig
|
||||
##
|
||||
#. Certificate paths are resolved relative to debian/build/source_rt
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS="../../certs/debian-uefi-ca.pem"
|
||||
|
||||
##
|
||||
## file: kernel/Kconfig.preempt
|
||||
|
|
Loading…
Reference in New Issue