|
|
206e80 |
This directory /etc/pki/ca-trust/extracted/pem/ contains
|
|
|
206e80 |
CA certificate bundle files which are automatically created
|
|
|
206e80 |
based on the information found in the
|
|
|
206e80 |
/usr/share/pki/ca-trust-source/ and /etc/pki/ca-trust/source/
|
|
|
206e80 |
directories.
|
|
|
206e80 |
|
|
|
206e80 |
All files are in the BEGIN/END CERTIFICATE file format,
|
|
|
206e80 |
as described in the x509(1) manual page.
|
|
|
206e80 |
|
|
|
206e80 |
Distrust information cannot be represented in this file format,
|
|
|
206e80 |
and distrusted certificates are missing from these files.
|
|
|
206e80 |
|
|
|
206e80 |
If your application isn't able to load the PKCS#11 module p11-kit-trust.so,
|
|
|
206e80 |
then you can use these files in your application to load a list of global
|
|
|
206e80 |
root CA certificates.
|
|
|
206e80 |
|
|
|
206e80 |
Please never manually edit the files stored in this directory,
|
|
|
206e80 |
because your changes will be lost and the files automatically overwritten,
|
|
|
206e80 |
each time the update-ca-trust command gets executed.
|
|
|
206e80 |
|
|
|
206e80 |
Please refer to the update-ca-trust(8) manual page for additional information.
|