hi all,

as much as i appreciate every discussion, i would kindly ask everybody to 
refrain from posting links pointing at actual downloads
my 0.02$

x

> On 30 Oct 2021, at 2:49 PM, Al Varnell via macports-users 
> <macports-users@lists.macports.org> wrote:
> 
> I see that I already have the latest ISRG Root X1 certificate in the System 
> Roots keychain, so not sure why I would need to add it to my System keychain.
> 
> And when I went to https://letsencrypt.org/certs/isrgrootx1.pem 
> <https://letsencrypt.org/certs/isrgrootx1.pem> to download, it showed up as a 
> .cer instead of a .pem.
> 
> -Al-
> 
>> On Oct 29, 2021, at 10:25 PM, Michael <keybou...@gmail.com 
>> <mailto:keybou...@gmail.com>> wrote:
>> 
>> So I found this advice online for updating certs without having to worry 
>> about trusting expired old certs.
>> 
>> 1. Visit https://letsencrypt.org/certs/isrgrootx1.pem 
>> <https://letsencrypt.org/certs/isrgrootx1.pem> to download the certificate, 
>> and save it in the Documents folder.
>> 
>> 2. Open Terminal, paste this command, and press enter:
>> 
>> sudo security -v add-trusted-cert -d -r trustRoot -k 
>> "/Library/Keychains/System.keychain" ~/Documents/isrgrootx1.pem
>> 
>> This eliminates the need for marking the expired DST root as special-case 
>> trusted.
> 
>          
> Powered by Mailbutler 
> <https://www.mailbutler.io/?utm_source=watermark&utm_medium=email&utm_campaign=watermark-variant-primary>,
>  the email extension that does it all

Reply via email to