Change Details

Currently, `certctl rehash` will just keep clobbering .0 rather than incrementing the suffix upon encountering a duplicate. Do this, and do it for revocations as well. While here, we fix revocations to use the proper notation: .rD instead of .D. PR: 246614 These parts of the feedback received have not yet been addressed: * While links are created correctly as it seems: > Reading siemens-cert-14.crt > Adding 8dc03e53.0 to trust store > Reading siemens-cert-15.crt > Adding 8dc03e53.1 to trust store * 'certctl list' does not show any of them because of: > for CFILE in *.0; do You likely will need to add *.1, *.2, ..., *.9 * There is another conceptional issue: *.n is only for the hashed links, not fo scanning, see https://www.openssl.org/docs/man1.1.1/man1/c_rehash.html. Admittedly, it is not clear to me what needs to be done with that last bullet point.

Currently, `certctl rehash` will just keep clobbering .0 rather than incrementing the suffix upon encountering a duplicate. Do this, and do it for revocations as well. While here, we fix revocations to use the proper notation: .rD instead of .D. PR: 246614

Currently, `certctl rehash` will just keep clobbering .0 rather than incrementing the suffix upon encountering a duplicate. Do this, and do it for revocations as well. While here, we fix revocations to use the proper notation: .rD instead of .D. PR: 246614 These parts of the feedback received have not yet been addressed: * While links are created correctly as it seems: > Reading siemens-cert-14.crt > Adding 8dc03e53.0 to trust store > Reading siemens-cert-15.crt > Adding 8dc03e53.1 to trust store * 'certctl list' does not show any of them because of: > for CFILE in *.0; do You likely will need to add *.1, *.2, ..., *.9 * There is another conceptional issue: *.n is only for the hashed links, not fo scanning, see https://www.openssl.org/docs/man1.1.1/man1/c_rehash.html. Admittedly, it is not clear to me what needs to be done with that last bullet point.