Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
crypto [2015/09/10 15:21]
mcb30
crypto [2018/03/23 23:31]
mcb30
Line 16: Line 16:
 ===== Trusted root certificates ===== ===== Trusted root certificates =====
  
-In the default configuration,​ iPXE trusts only a single root certificate:​ the {{:​certs:​ca.crt|"​iPXE root CA" certificate}}.+In the default configuration,​ iPXE trusts only a single root certificate:​ the {{:​certs:​ca.crt|"​iPXE root CA" certificate}}.  This root certificate is used to cross-sign the standard [[http://​mxr.mozilla.org/​comm-central/​source/​mozilla/​security/​nss/​lib/​ckfw/​builtins/​certdata.txt|Mozilla list of public CA certificates]]. 
 + 
 +In the default configuration,​ iPXE will therefore automatically trust the same set of certificates as the [[https://​www.mozilla.org/​firefox/​|Firefox]] web browser.
  
 If you want more control over the chain of trust, then you can generate your own private root certificate ''​ca.crt''​ using: If you want more control over the chain of trust, then you can generate your own private root certificate ''​ca.crt''​ using:
crypto.txt · Last modified: 2018/03/23 23:31 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL http://ipxe.org
References to "iPXE" may not be altered or removed.