From 41381edfdff23c1d95ad32fff5e7cf490af2ad92 Mon Sep 17 00:00:00 2001 From: Hugo Haakseth Date: Wed, 5 Jun 2024 19:07:30 +0200 Subject: [PATCH] EL9 distrust-dir changed from backlist to blocklist --- data/RedHat-family-9.yaml | 2 ++ spec/acceptance/ca_cert_ca_spec.rb | 6 +++++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 data/RedHat-family-9.yaml diff --git a/data/RedHat-family-9.yaml b/data/RedHat-family-9.yaml new file mode 100644 index 0000000..a006784 --- /dev/null +++ b/data/RedHat-family-9.yaml @@ -0,0 +1,2 @@ +--- +ca_cert::distrusted_cert_dir: '/etc/pki/ca-trust/source/blocklist' diff --git a/spec/acceptance/ca_cert_ca_spec.rb b/spec/acceptance/ca_cert_ca_spec.rb index c2e491a..f860417 100644 --- a/spec/acceptance/ca_cert_ca_spec.rb +++ b/spec/acceptance/ca_cert_ca_spec.rb @@ -9,7 +9,11 @@ when 'RedHat' trusted_ca_file_remote = '/etc/pki/ca-trust/source/anchors/DigiCert_G5_TLS_ECC_SHA384_2021_CA1.crt' trusted_ca_file_text = '/etc/pki/ca-trust/source/anchors/InCommon.crt' - untrusted_ca_file_remote = '/etc/pki/ca-trust/source/blacklist/DigiCert_Global_Root_G3.crt' + if host_inventory['facter']['os']['release']['major'] < '9' + untrusted_ca_file_remote = '/etc/pki/ca-trust/source/blacklist/DigiCert_Global_Root_G3.crt' + else + untrusted_ca_file_remote = '/etc/pki/ca-trust/source/blocklist/DigiCert_Global_Root_G3.crt' + end ca_certificates_bundle = '/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem' when 'Archlinux' trusted_ca_file_remote = '/etc/ca-certificates/trust-source/anchors/DigiCert_G5_TLS_ECC_SHA384_2021_CA1.crt'