make-ca/CHANGELOG

0.9      - Use P11-Kit trust module to generate alternate certificate stores
           from trust policy
         - Only generate the trust store and NSSDB when using DESTDIR - you now 
           must run the installed script as part of your post-installation
           proceedure, with P11-Kit trust available, to generate the alternate
           certificate stores - only the trust store and NSSDB are distributed
         - Added "Wants=network-online.target" to update-pki.service - Thanks to
           Brendan L for the fix
         - No longer generate Java p12 format cacerts
0.8      - Use 'openssl rehash' instead of c-rehash script
0.7      - Generate both PKCS#12 and JKS stores for Java
         - Local certs keep out of band trust when copied to system certs
         - Remove use of .old files/directories
0.6      - Allow use of proxy with OpenSSL s_client
         - Really check revision before download
         - Make sure download was successful before testing values
0.5      - Install systemd timer and service units
         - Add uninstall and clean targets
0.4      - Add email and code signing flat file certificate stores
0.3      - Generate single file stores (Java and GNUTLS) using main OpenSSL
           store as source to avoid duplicates
0.2      - Install source certdata.txt file
         - Provide -r/--rebuild option
         - Add -g/--get option to download using only s_client
         - Always add REVISION value to installed certdata.txt
         - Use HG revision value (fall back to date for local files)
         - Allow rebuid within DESTDIR
         - Complete manpage
0.1      - Check executable bit for CERTUTIL, KEYTOOL, and OPENSSL
         - Allow global configuration file
         - Use correct license text (MIT)
20170425 - Use p11-kit format anchors
         - Add CKA_NSS_MOZILLA_CA_POLICY attribute for p11-kit anchors
         - Add clientAuth OpenSSL attribute and (currently unused) NSS
           CKA_TRUST_CLIENT_AUTH
20170119 - Show trust bits on local certs
         - Add version output for help2man
20161210 - Add note about --force swich when same version
20161126 - Add -D/--destdir switch
20161124 - Add -f/--force switch to bypass version check
         - Add multiple switches to allow for alternate localtions
         - Add help text
20161118 - Drop make-cert.pl script
         - Add support for Java and NSSDB
Use p11-kit to generate alternate stores 2018-09-02 13:29:25 +05:30			`0.9 - Use P11-Kit trust module to generate alternate certificate stores`
			`from trust policy`
			`- Only generate the trust store and NSSDB when using DESTDIR - you now`
			`must run the installed script as part of your post-installation`
			`proceedure, with P11-Kit trust available, to generate the alternate`
			`certificate stores - only the trust store and NSSDB are distributed`
Properly update CHANGELOG. 2018-09-02 13:42:44 +05:30			`- Added "Wants=network-online.target" to update-pki.service - Thanks to`
			`Brendan L for the fix`
Fix accidental breakage of anchors 2018-09-03 11:27:28 +05:30			`- No longer generate Java p12 format cacerts`
Use p11-kit to generate alternate stores 2018-09-02 13:29:25 +05:30			`0.8 - Use 'openssl rehash' instead of c-rehash script`
Generate both PKCS#12 and JKS stores for Java Local certs keep out of band trust when copied to system certs 2018-02-08 10:19:55 +05:30			`0.7 - Generate both PKCS#12 and JKS stores for Java`
			`- Local certs keep out of band trust when copied to system certs`
Remove use of .old files/directories Fix argument for catrust/smtrust in java cacerts logic. 2018-02-19 08:05:03 +05:30			`- Remove use of .old files/directories`
Allow use of proxy with OpenSSL s_client. 2017-10-14 10:37:58 +05:30			`0.6 - Allow use of proxy with OpenSSL s_client`
			`- Really check revision before download`
			`- Make sure download was successful before testing values`
Add uninstall and clean target, install systemd units 2017-09-30 13:10:10 +05:30			`0.5 - Install systemd timer and service units`
			`- Add uninstall and clean targets`
Add email and code signing single stores. 2017-09-27 11:02:19 +05:30			`0.4 - Add email and code signing flat file certificate stores`
Generate single file stores using completed OpenSSL store. 2017-09-25 07:21:49 +05:30			`0.3 - Generate single file stores (Java and GNUTLS) using main OpenSSL`
			`store as source to avoid duplicates`
Install source certdata.txt file Provide -r/--rebuild option 2017-09-21 08:59:03 +05:30			`0.2 - Install source certdata.txt file`
Add -g/--get option to download using only s_client 2017-09-21 10:47:24 +05:30			`- Provide -r/--rebuild option`
			`- Add -g/--get option to download using only s_client`
Always add REVISION value to installed certdata.txt 2017-09-21 11:04:41 +05:30			`- Always add REVISION value to installed certdata.txt`
Use HG revision, fallback to date for local files 2017-09-22 22:20:47 +05:30			`- Use HG revision value (fall back to date for local files)`
Allow rebuild with DESTDIR 2017-09-23 03:07:00 +05:30			`- Allow rebuid within DESTDIR`
Update documentation and program output 2017-09-23 06:27:31 +05:30			`- Complete manpage`
Version 0.1. 2017-09-19 11:08:45 +05:30			`0.1 - Check executable bit for CERTUTIL, KEYTOOL, and OPENSSL`
refactor, fix license, check executable bit 2017-09-19 11:01:40 +05:30			`- Allow global configuration file`
			`- Use correct license text (MIT)`
			`20170425 - Use p11-kit format anchors`
			`- Add CKA_NSS_MOZILLA_CA_POLICY attribute for p11-kit anchors`
			`- Add clientAuth OpenSSL attribute and (currently unused) NSS`
			`CKA_TRUST_CLIENT_AUTH`
			`20170119 - Show trust bits on local certs`
			`- Add version output for help2man`
			`20161210 - Add note about --force swich when same version`
			`20161126 - Add -D/--destdir switch`
			`20161124 - Add -f/--force switch to bypass version check`
			`- Add multiple switches to allow for alternate localtions`
			`- Add help text`
			`20161118 - Drop make-cert.pl script`
			`- Add support for Java and NSSDB`