Skip to content

hooks/archiso: do not use certificates embedded in the signature during openssl cms verification

nl6720 requested to merge nl6720/mkinitcpio-archiso:openssl-cms-nointern into master

The signer's certificate is included in the initramfs, so there is no need to pay attention to any certificates that may be embedded in the signature file. This matches the behaviour of gpg which defaults to --no-auto-key-import.

Merge request reports

Loading