https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284901
Bug ID: 284901
Summary: certctl produces many duplicate warnings when
security/ca_root_nss is installed
Product: Base System
Version: 15.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: b...@freebsd.org
Reporter: micha...@freebsd.org
In verbose mode one can see:
> ...
> certctl: Adding 1c683ff3.0 to trust store
> certctl: Reading /usr/local/share/certs/ca-root-nss.crt
> certctl: Multiple certificates found, splitting...
> certctl: Skipping duplicate entry for certificate 0bf05006
> certctl: Skipping duplicate entry for certificate 0b1b94ef
> certctl: Skipping duplicate entry for certificate 8d86cdd1
> certctl: Adding 616816f6.0 to trust store
> certctl: Skipping duplicate entry for certificate 9d04f354
> certctl: Skipping duplicate entry for certificate 865fbdf9
> certctl: Skipping duplicate entry for certificate 6d41d539
> certctl: Skipping duplicate entry for certificate 5f15c80c
> certctl: Skipping duplicate entry for certificate f249de83
> certctl: Skipping duplicate entry for certificate ed858448
> certctl: Skipping duplicate entry for certificate 3e359ba6
> certctl: Skipping duplicate entry for certificate 244b5494
> certctl: Skipping duplicate entry for certificate 9f727ac7
> certctl: Skipping duplicate entry for certificate 1e08bfd1
> certctl: Skipping duplicate entry for certificate 106f3e4d
> certctl: Skipping duplicate entry for certificate d7e8dc79
> certctl: Skipping duplicate entry for certificate 062cdee6
> certctl: Skipping duplicate entry for certificate bf53fb88
> certctl: Skipping duplicate entry for certificate 002c0b4f
> certctl: Skipping duplicate entry for certificate e73d606e
> certctl: Skipping duplicate entry for certificate b0e59380
> certctl: Skipping duplicate entry for certificate 1001acf7
> certctl: Skipping duplicate entry for certificate 4b718d9b
> certctl: Skipping duplicate entry for certificate 02265526
> certctl: Skipping duplicate entry for certificate ef954a4e
> certctl: Skipping duplicate entry for certificate 0179095f
> certctl: Skipping duplicate entry for certificate 7a3adc42
> certctl: Skipping duplicate entry for certificate 7a780d93
> certctl: Skipping duplicate entry for certificate ff34af3f
> certctl: Skipping duplicate entry for certificate b433981b
> certctl: Skipping duplicate entry for certificate b727005e
> certctl: Skipping duplicate entry for certificate 4f316efb
> certctl: Skipping duplicate entry for certificate 9ef4a08a
> certctl: Skipping duplicate entry for certificate eed8c118
> certctl: Skipping duplicate entry for certificate 18856ac4
> certctl: Skipping duplicate entry for certificate da0cfd1d
> certctl: Skipping duplicate entry for certificate 48bec511
> certctl: Skipping duplicate entry for certificate fe8a2cd8
> certctl: Skipping duplicate entry for certificate a89d74c2
> certctl: Skipping duplicate entry for certificate b1159c4c
> certctl: Adding 878d9bca.0 to trust store
> certctl: Skipping duplicate entry for certificate f51bb24c
> certctl: Skipping duplicate entry for certificate 8312c4c1
> certctl: Skipping duplicate entry for certificate 08063a00
> certctl: Skipping duplicate entry for certificate 2ae6433e
> certctl: Skipping duplicate entry for certificate c01eb047
> certctl: Skipping duplicate entry for certificate a94d09e5
> certctl: Skipping duplicate entry for certificate 5cd81ad7
> certctl: Skipping duplicate entry for certificate b7a5b843
> certctl: Skipping duplicate entry for certificate ce5e74ef
> certctl: Skipping duplicate entry for certificate 8d89cda1
> certctl: Skipping duplicate entry for certificate dc4d6a89
> certctl: Skipping duplicate entry for certificate 406c9bb1
> certctl: Skipping duplicate entry for certificate cc450945
> certctl: Skipping duplicate entry for certificate ecccd8db
> certctl: Skipping duplicate entry for certificate 9846683b
> certctl: Skipping duplicate entry for certificate 32888f65
> certctl: Skipping duplicate entry for certificate ca6e4ad9
> certctl: Skipping duplicate entry for certificate e868b802
> certctl: Skipping duplicate entry for certificate 626dceaf
> certctl: Skipping duplicate entry for certificate 0f6fa695
> certctl: Skipping duplicate entry for certificate 773e07ad
> certctl: Skipping duplicate entry for certificate 8f103249
> certctl: Skipping duplicate entry for certificate 930ac5d2
> certctl: Skipping duplicate entry for certificate e36a6752
> certctl: Skipping duplicate entry for certificate d887a5bb
> certctl: Skipping duplicate entry for certificate e113c810
> certctl: Skipping duplicate entry for certificate 9b46e03d
> certctl: Skipping duplicate entry for certificate 40193066
> certctl: Skipping duplicate entry for certificate e18bfb83
> certctl: Skipping duplicate entry for certificate cd58d51e
> certctl: Skipping duplicate entry for certificate 4fd49c6c
> certctl: Skipping duplicate entry for certificate 3513523f
> certctl: Skipping duplicate entry for certificate 5931b5bc
> certctl: Skipping duplicate entry for certificate 09789157
> certctl: Skipping duplicate entry for certificate 8508e720
> certctl: Skipping duplicate entry for certificate 706f604c
> certctl: Skipping duplicate entry for certificate 653b494a
> certctl: Skipping duplicate entry for certificate ddcda989
> certctl: Skipping duplicate entry for certificate 93bc0acc
> certctl: Skipping duplicate entry for certificate de6d66f3
> certctl: Skipping duplicate entry for certificate fd64f3fc
> certctl: Skipping duplicate entry for certificate dd8e9d41
> certctl: Skipping duplicate entry for certificate d6325660
> certctl: Skipping duplicate entry for certificate 57bcb2da
> certctl: Skipping duplicate entry for certificate 9482e63a
> certctl: Skipping duplicate entry for certificate 9046744a
> certctl: Skipping duplicate entry for certificate f39fc864
> certctl: Skipping duplicate entry for certificate 40547a79
> certctl: Skipping duplicate entry for certificate 1d3472b9
> certctl: Skipping duplicate entry for certificate 988a38cb
> certctl: Skipping duplicate entry for certificate f081611a
> certctl: Skipping duplicate entry for certificate 68dd7389
> certctl: Skipping duplicate entry for certificate 5e98733a
> certctl: Skipping duplicate entry for certificate 14bc7599
> certctl: Skipping duplicate entry for certificate 6b99d060
> certctl: Skipping duplicate entry for certificate 4042bcee
> certctl: Skipping duplicate entry for certificate 7719f463
> certctl: Skipping duplicate entry for certificate 3fb36b73
> certctl: Skipping duplicate entry for certificate 5ad8a5d6
> certctl: Skipping duplicate entry for certificate 064e0aa9
> certctl: Skipping duplicate entry for certificate b66938e9
> certctl: Skipping duplicate entry for certificate 5f618aec
> certctl: Skipping duplicate entry for certificate 228f89db
> certctl: Skipping duplicate entry for certificate 06dc52d5
> certctl: Skipping duplicate entry for certificate 5443e9e3
> certctl: Skipping duplicate entry for certificate 6fa5da56
> certctl: Skipping duplicate entry for certificate 7f3d5d1d
> certctl: Skipping duplicate entry for certificate cd8c0d63
> certctl: Skipping duplicate entry for certificate 1cef98f5
> certctl: Adding b8d25de6.0 to trust store
> certctl: Skipping duplicate entry for certificate 8cb5ee0f
> ...
When security/ca_root_nss is installed as an (automatic) package because
basically all those CA certs are already bundled with the system. One should
explicitly exclude this file unil that port disappears completely.
Will provide a review.
--
You are receiving this mail because:
You are the assignee for the bug.
