we are currently discussing if we would like to automatically import
root CAs, for example from the Mozilla Root Store for Email, into our
ciphermail appliance from the command-line.
The CertStore Tool (mitm.application.djigzo.tools.CertStore
-import-certificates) works as expected and accepts root CA certificates
but places them in the certificates store and not the root store. At
least in the tests I made so far.
Before discussing internally if it would be wise to regularly and
automatically import root CAs (to avoid updating them manually), I would
like to know if there is a supported way to do this or not.
I added an option to import certificates into the root store with the
CertStore tool.
This will be included with a new release. I you cannot wait, you can
see whether you can build a release yourself or cherry pick the change
to your own version:
Kind regards,
Martijn Brinkers
···
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
On Thu, 2021-02-18 at 10:55 +0100, Olaf Schwarz via Users wrote:
Hi all,
we are currently discussing if we would like to automatically import
root CAs, for example from the Mozilla Root Store for Email, into our
ciphermail appliance from the command-line.
The CertStore Tool (mitm.application.djigzo.tools.CertStore
-import-certificates) works as expected and accepts root CA
certificates
but places them in the certificates store and not the root store. At
least in the tests I made so far.
Before discussing internally if it would be wise to regularly and
automatically import root CAs (to avoid updating them manually), I
would
like to know if there is a supported way to do this or not.