Subversion Repositories svn LFS-FR

Rev

Blame | Last modification | View Log | RSS feed

# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2016-09-23 12:00+0200\n"
"PO-Revision-Date: 2016-08-17 09:23+0000\n"
"Last-Translator: roptat <roptat@lepiller.eu>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
"X-Generator: Pootle 2.7\n"
"X-POOTLE-MTIME: 1471425828.000000\n"

#. type: Content of the certhost entity
#: blfs-en/postlfs/security/cacerts.xml:7
msgid "http://mxr.mozilla.org"
msgstr "http://mxr.mozilla.org"

#. type: Content of the certdir entity
#: blfs-en/postlfs/security/cacerts.xml:8
msgid "/mozilla/source/security/nss/lib/ckfw/builtins"
msgstr "/mozilla/source/security/nss/lib/ckfw/builtins"

#. type: Content of the ca-bundle-download entity
#: blfs-en/postlfs/security/cacerts.xml:9
msgid "&sources-anduin-http;/other/certdata.txt"
msgstr "&sources-anduin-http;/other/certdata.txt"

#. type: Content of the ca-bundle-size entity
#: blfs-en/postlfs/security/cacerts.xml:10
msgid "1.6 MB"
msgstr "1.6 Mio"

#. type: Content of the cacerts-buildsize entity
#: blfs-en/postlfs/security/cacerts.xml:11
msgid "6 MB"
msgstr "6 Mio"

#. type: Content of the cacerts-time entity
#: blfs-en/postlfs/security/cacerts.xml:12
msgid "0.1 SBU"
msgstr "0.1 SBU"

#. type: Content of: <sect1><sect1info>
#: blfs-en/postlfs/security/cacerts.xml:19
#, fuzzy
#| msgid ""
#| "<othername>$LastChangedBy: bdubbs $</othername> <date>$Date: 2016-02-23 "
#| "19:28:27 +0100 (Tue, 23 Feb 2016) $</date>"
msgid ""
"<othername>$LastChangedBy: bdubbs $</othername> <date>$Date: 2016-02-23 "
"19:28:27 +0100 (Tue 23 Feb 2016) $</date>"
msgstr ""
"<othername>$LastChangedBy: bdubbs $</othername> <date>$Date: 2016-02-23 "
"19:28:27 +0100 (mar. 23 févr. 2016) $</date>"

#. type: Content of: <sect1><indexterm><primary>
#: blfs-en/postlfs/security/cacerts.xml:23
#: blfs-en/postlfs/security/cacerts.xml:36
msgid "Certificate Authority Certificates"
msgstr "Certificate Authority Certificates"

#. type: Content of: <sect1><para>
#: blfs-en/postlfs/security/cacerts.xml:25
msgid ""
"The Public Key Infrastructure is used for many security issues in a Linux "
"system.  In order for a certificate to be trusted, it must be signed by a "
"trusted agent called a Certificate Authority (CA).  The certificates loaded "
"by this section are from the list on the Mozilla version control system and "
"formats it into a form used by <xref linkend='openssl'/>.  The certificates "
"can also be used by other applications either directly of indirectly through "
"<application>openssl</application>."
msgstr ""
"La <foreignphrase>Public Key Infrastructure</foreignphrase> (infrastructure "
"de clés publiques) est utilisée dans de nombreux cas de sécurité sur un "
"système Linux. Pour qu'un certificat soit fiable, il doit être signé par un "
"agent de confiance, qu'on appelle l'autorité de certificat "
"(<foreignphrase>Certificate Authority</foreignphrase>) (CA).  Les "
"certificats chargés dans cette section sont issus de la liste du système de "
"contrôle de Mozilla et elle est formatée dans une forme utilisée par <xref "
"linkend=\"openssl\"/>.  Les certificats peuvent également être utilisés par "
"d'autres applications, directement ou indirectement via "
"<application>openssl</application>."

#. type: Content of: <sect1><sect2><title>
#: blfs-en/postlfs/security/cacerts.xml:40
msgid "Introduction to Certificate Authorities"
msgstr "Introduction à Certificate Authorities"

#. type: Content of: <sect1><sect2><bridgehead>
#: blfs-en/postlfs/security/cacerts.xml:42
msgid "Package Information"
msgstr "Informations sur le paquet"

#. type: Content of: <sect1><sect2><itemizedlist><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:45
msgid "CA Certificate Download: <ulink url=\"&ca-bundle-download;\"/>"
msgstr ""
"Téléchargement du Certificat CA&nbsp;: <ulink url=\"&ca-bundle-download;\"/>"

#. type: Content of: <sect1><sect2><itemizedlist><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:48
msgid "CA Certificate size: &ca-bundle-size;"
msgstr "Taille des certificats CA&nbsp;: &ca-bundle-size;"

#. type: Content of: <sect1><sect2><itemizedlist><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:51
msgid "Estimated disk space required: &cacerts-buildsize;"
msgstr "Estimation de l'espace disque requis&nbsp;: &cacerts-buildsize;"

#. type: Content of: <sect1><sect2><itemizedlist><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:54
msgid "Estimated build time: &cacerts-time;"
msgstr "Estimation du temps de construction&nbsp;: &cacerts-time;"

#. type: Content of: <sect1><sect2><note><para>
#: blfs-en/postlfs/security/cacerts.xml:58
msgid ""
"The certfile.txt file above is actually retrieved from <ulink url=\"https://"
"hg.mozilla.org/releases/mozilla-release/file/default/security/nss/lib/ckfw/"
"builtins/certdata.txt\"/>.  It is really an HTML file, but the text file can "
"be retrieved indirectly from the HTML file.  The Download URL above "
"automates that process and also adds a line where the date can be extracted "
"as a revision number by the scripts below."
msgstr ""
"Le fichier certfile.txt dessous est en fait récupéré depuis <ulink url="
"\"https://hg.mozilla.org/releases/mozilla-release/file/default/security/nss/"
"lib/ckfw/builtins/certdata.txt\"/>.  C'est en fait un fichier HTML, mais le "
"fichier texte peut être pris indirectement depuis le fichier HTML. L'URL "
"dessous automatise ce processus et ajoute aussi une ligne où la date peut "
"être extraite en tant que numéro de révision par le script."

#. type: Content of: <sect1><sect2><bridgehead>
#: blfs-en/postlfs/security/cacerts.xml:65
msgid "Certificate Authority Certificates Dependencies"
msgstr "Dépendances de Certificate Authority Certificates"

#. type: Content of: <sect1><sect2><bridgehead>
#: blfs-en/postlfs/security/cacerts.xml:67
msgid "Required"
msgstr "Requises"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:68
msgid "<xref linkend=\"openssl\"/>"
msgstr "<xref linkend=\"openssl\"/>"

#. type: Content of: <sect1><sect2><bridgehead>
#: blfs-en/postlfs/security/cacerts.xml:70
msgid "Recommended"
msgstr "Recommandées"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:71
msgid "<xref linkend=\"wget\"/>"
msgstr "<xref linkend=\"wget\"/>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:73
msgid "User Notes: <ulink url='&blfs-wiki;/cacerts'/>"
msgstr "Notes utilisateur&nbsp;: <ulink url='&blfs-wiki;/cacerts'/>"

#. type: Content of: <sect1><sect2><title>
#: blfs-en/postlfs/security/cacerts.xml:78
msgid "Installation of Certificate Authority Certificates"
msgstr "Installation de Certificate Authority Certificates"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:80
msgid ""
"First create a script to reformat a certificate into a form needed by "
"<application>openssl</application>.  As the <systemitem class=\"username"
"\">root</systemitem> user:"
msgstr ""
"Créez d'abord un script pour reformater un certificat dans la forme dont a "
"besoin <application>openssl</application>. En tant qu'utilisateur "
"<systemitem class=\"username\">root</systemitem>&nbsp;:"

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:84
#, no-wrap
msgid ""
"<userinput>cat > /usr/bin/make-cert.pl &lt;&lt; \"EOF\"\n"
"<literal>#!/usr/bin/perl -w\n"
"\n"
"# Used to generate PEM encoded files from Mozilla certdata.txt.\n"
"# Run as ./make-cert.pl > certificate.crt\n"
"#\n"
"# Parts of this script courtesy of RedHat (mkcabundle.pl)\n"
"#\n"
"# This script modified for use with single file data (tempfile.cer) extracted\n"
"# from certdata.txt, taken from the latest version in the Mozilla NSS source.\n"
"# mozilla/security/nss/lib/ckfw/builtins/certdata.txt\n"
"#\n"
"# Authors: DJ Lucas\n"
"#          Bruce Dubbs\n"
"#\n"
"# Version 20120211\n"
"\n"
"my $certdata = './tempfile.cer';\n"
"\n"
"open( IN, \"cat $certdata|\" )\n"
"    || die \"could not open $certdata\";\n"
"\n"
"my $incert = 0;\n"
"\n"
"while ( &lt;IN&gt; )\n"
"{\n"
"    if ( /^CKA_VALUE MULTILINE_OCTAL/ )\n"
"    {\n"
"        $incert = 1;\n"
"        open( OUT, \"|openssl x509 -text -inform DER -fingerprint\" )\n"
"            || die \"could not pipe to openssl x509\";\n"
"    }\n"
"\n"
"    elsif ( /^END/ &amp;&amp; $incert )\n"
"    {\n"
"        close( OUT );\n"
"        $incert = 0;\n"
"        print \"\\n\\n\";\n"
"    }\n"
"\n"
"    elsif ($incert)\n"
"    {\n"
"        my @bs = split( /\\\\/ );\n"
"        foreach my $b (@bs)\n"
"        {\n"
"            chomp $b;\n"
"            printf( OUT \"%c\", oct($b) ) unless $b eq '';\n"
"        }\n"
"    }\n"
"}</literal>\n"
"EOF\n"
"\n"
"chmod +x /usr/bin/make-cert.pl</userinput>"
msgstr ""
"<userinput>cat > /usr/bin/make-cert.pl &lt;&lt; \"EOF\"\n"
"<literal>#!/usr/bin/perl -w\n"
"\n"
"# Used to generate PEM encoded files from Mozilla certdata.txt.\n"
"# Run as ./make-cert.pl > certificate.crt\n"
"#\n"
"# Parts of this script courtesy of RedHat (mkcabundle.pl)\n"
"#\n"
"# This script modified for use with single file data (tempfile.cer) extracted\n"
"# from certdata.txt, taken from the latest version in the Mozilla NSS source.\n"
"# mozilla/security/nss/lib/ckfw/builtins/certdata.txt\n"
"#\n"
"# Authors: DJ Lucas\n"
"#          Bruce Dubbs\n"
"#\n"
"# Version 20120211\n"
"\n"
"my $certdata = './tempfile.cer';\n"
"\n"
"open( IN, \"cat $certdata|\" )\n"
"    || die \"could not open $certdata\";\n"
"\n"
"my $incert = 0;\n"
"\n"
"while ( &lt;IN&gt; )\n"
"{\n"
"    if ( /^CKA_VALUE MULTILINE_OCTAL/ )\n"
"    {\n"
"        $incert = 1;\n"
"        open( OUT, \"|openssl x509 -text -inform DER -fingerprint\" )\n"
"            || die \"could not pipe to openssl x509\";\n"
"    }\n"
"\n"
"    elsif ( /^END/ &amp;&amp; $incert )\n"
"    {\n"
"        close( OUT );\n"
"        $incert = 0;\n"
"        print \"\\n\\n\";\n"
"    }\n"
"\n"
"    elsif ($incert)\n"
"    {\n"
"        my @bs = split( /\\\\/ );\n"
"        foreach my $b (@bs)\n"
"        {\n"
"            chomp $b;\n"
"            printf( OUT \"%c\", oct($b) ) unless $b eq '';\n"
"        }\n"
"    }\n"
"}</literal>\n"
"EOF\n"
"\n"
"chmod +x /usr/bin/make-cert.pl</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:138
msgid ""
"The following script creates the certificates and a bundle of all the "
"certificates.  It creates a <filename class='directory'>./certs</filename> "
"directory and <filename>./BLFS-ca-bundle-${VERSION}.crt</filename>.  Again "
"create this script as the <systemitem class=\"username\">root</systemitem> "
"user:"
msgstr ""
"Le script suivant crée les certificats et un bouquet de tous les "
"certificats. Il crée un répertoire <filename class='directory'>./certs</"
"filename> et <filename>./BLFS-ca-bundle-${VERSION}.crt</filename>.  Créez de "
"nouveau ce script en tant qu'utilisateur <systemitem class=\"username"
"\">root</systemitem>&nbsp;:"

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:144
#, no-wrap
msgid ""
"<userinput>cat > /usr/bin/make-ca.sh &lt;&lt; \"EOF\"\n"
"<literal>#!/bin/sh\n"
"# Begin make-ca.sh\n"
"# Script to populate OpenSSL's CApath from a bundle of PEM formatted CAs\n"
"#\n"
"# The file certdata.txt must exist in the local directory\n"
"# Version number is obtained from the version of the data.\n"
"#\n"
"# Authors: DJ Lucas\n"
"#          Bruce Dubbs\n"
"#\n"
"# Version 20120211\n"
"\n"
"# Some data in the certs have UTF-8 characters\n"
"export LANG=en_US.utf8\n"
"\n"
"certdata=\"certdata.txt\"\n"
"\n"
"if [ ! -r $certdata ]; then\n"
"  echo \"$certdata must be in the local directory\"\n"
"  exit 1\n"
"fi\n"
"\n"
"REVISION=$(grep CVS_ID $certdata | cut -f4 -d'$')\n"
"\n"
"if [ -z \"${REVISION}\" ]; then\n"
"  echo \"$certfile has no 'Revision' in CVS_ID\"\n"
"  exit 1\n"
"fi\n"
"\n"
"VERSION=$(echo $REVISION | cut -f2 -d\" \")\n"
"\n"
"TEMPDIR=$(mktemp -d)\n"
"TRUSTATTRIBUTES=\"CKA_TRUST_SERVER_AUTH\"\n"
"BUNDLE=\"BLFS-ca-bundle-${VERSION}.crt\"\n"
"CONVERTSCRIPT=\"/usr/bin/make-cert.pl\"\n"
"SSLDIR=\"/etc/ssl\"\n"
"\n"
"mkdir \"${TEMPDIR}/certs\"\n"
"\n"
"# Get a list of starting lines for each cert\n"
"CERTBEGINLIST=$(grep -n \"^# Certificate\" \"${certdata}\" | cut -d \":\" -f1)\n"
"\n"
"# Get a list of ending lines for each cert\n"
"CERTENDLIST=`grep -n \"^CKA_TRUST_STEP_UP_APPROVED\" \"${certdata}\" | cut -d \":\" -f 1`\n"
"\n"
"# Start a loop\n"
"for certbegin in ${CERTBEGINLIST}; do\n"
"  for certend in ${CERTENDLIST}; do\n"
"    if test \"${certend}\" -gt \"${certbegin}\"; then\n"
"      break\n"
"    fi\n"
"  done\n"
"\n"
"  # Dump to a temp file with the name of the file as the beginning line number\n"
"  sed -n \"${certbegin},${certend}p\" \"${certdata}\" > \"${TEMPDIR}/certs/${certbegin}.tmp\"\n"
"done\n"
"\n"
"unset CERTBEGINLIST CERTDATA CERTENDLIST certbegin certend\n"
"\n"
"mkdir -p certs\n"
"rm -f certs/*      # Make sure the directory is clean\n"
"\n"
"for tempfile in ${TEMPDIR}/certs/*.tmp; do\n"
"  # Make sure that the cert is trusted...\n"
"  grep \"CKA_TRUST_SERVER_AUTH\" \"${tempfile}\" | \\\n"
"    egrep \"TRUST_UNKNOWN|NOT_TRUSTED\" > /dev/null\n"
"\n"
"  if test \"${?}\" = \"0\"; then\n"
"    # Throw a meaningful error and remove the file\n"
"    cp \"${tempfile}\" tempfile.cer\n"
"    perl ${CONVERTSCRIPT} > tempfile.crt\n"
"    keyhash=$(openssl x509 -noout -in tempfile.crt -hash)\n"
"    echo \"Certificate ${keyhash} is not trusted!  Removing...\"\n"
"    rm -f tempfile.cer tempfile.crt \"${tempfile}\"\n"
"    continue\n"
"  fi\n"
"\n"
"  # If execution made it to here in the loop, the temp cert is trusted\n"
"  # Find the cert data and generate a cert file for it\n"
"\n"
"  cp \"${tempfile}\" tempfile.cer\n"
"  perl ${CONVERTSCRIPT} > tempfile.crt\n"
"  keyhash=$(openssl x509 -noout -in tempfile.crt -hash)\n"
"  mv tempfile.crt \"certs/${keyhash}.pem\"\n"
"  rm -f tempfile.cer \"${tempfile}\"\n"
"  echo \"Created ${keyhash}.pem\"\n"
"done\n"
"\n"
"# Remove blacklisted files\n"
"# MD5 Collision Proof of Concept CA\n"
"if test -f certs/8f111d69.pem; then\n"
"  echo \"Certificate 8f111d69 is not trusted!  Removing...\"\n"
"  rm -f certs/8f111d69.pem\n"
"fi\n"
"\n"
"# Finally, generate the bundle and clean up.\n"
"cat certs/*.pem >  ${BUNDLE}\n"
"rm -r \"${TEMPDIR}\"</literal>\n"
"EOF\n"
"\n"
"chmod +x /usr/bin/make-ca.sh</userinput>"
msgstr ""
"<userinput>cat > /usr/bin/make-ca.sh &lt;&lt; \"EOF\"\n"
"<literal>#!/bin/sh\n"
"# Begin make-ca.sh\n"
"# Script to populate OpenSSL's CApath from a bundle of PEM formatted CAs\n"
"#\n"
"# The file certdata.txt must exist in the local directory\n"
"# Version number is obtained from the version of the data.\n"
"#\n"
"# Authors: DJ Lucas\n"
"#          Bruce Dubbs\n"
"#\n"
"# Version 20120211\n"
"\n"
"# Some data in the certs have UTF-8 characters\n"
"export LANG=en_US.utf8\n"
"\n"
"certdata=\"certdata.txt\"\n"
"\n"
"if [ ! -r $certdata ]; then\n"
"  echo \"$certdata must be in the local directory\"\n"
"  exit 1\n"
"fi\n"
"\n"
"REVISION=$(grep CVS_ID $certdata | cut -f4 -d'$')\n"
"\n"
"if [ -z \"${REVISION}\" ]; then\n"
"  echo \"$certfile has no 'Revision' in CVS_ID\"\n"
"  exit 1\n"
"fi\n"
"\n"
"VERSION=$(echo $REVISION | cut -f2 -d\" \")\n"
"\n"
"TEMPDIR=$(mktemp -d)\n"
"TRUSTATTRIBUTES=\"CKA_TRUST_SERVER_AUTH\"\n"
"BUNDLE=\"BLFS-ca-bundle-${VERSION}.crt\"\n"
"CONVERTSCRIPT=\"/usr/bin/make-cert.pl\"\n"
"SSLDIR=\"/etc/ssl\"\n"
"\n"
"mkdir \"${TEMPDIR}/certs\"\n"
"\n"
"# Get a list of starting lines for each cert\n"
"CERTBEGINLIST=$(grep -n \"^# Certificate\" \"${certdata}\" | cut -d \":\" -f1)\n"
"\n"
"# Get a list of ending lines for each cert\n"
"CERTENDLIST=`grep -n \"^CKA_TRUST_STEP_UP_APPROVED\" \"${certdata}\" | cut -d \":\" -f 1`\n"
"\n"
"# Start a loop\n"
"for certbegin in ${CERTBEGINLIST}; do\n"
"  for certend in ${CERTENDLIST}; do\n"
"    if test \"${certend}\" -gt \"${certbegin}\"; then\n"
"      break\n"
"    fi\n"
"  done\n"
"\n"
"  # Dump to a temp file with the name of the file as the beginning line number\n"
"  sed -n \"${certbegin},${certend}p\" \"${certdata}\" > \"${TEMPDIR}/certs/${certbegin}.tmp\"\n"
"done\n"
"\n"
"unset CERTBEGINLIST CERTDATA CERTENDLIST certbegin certend\n"
"\n"
"mkdir -p certs\n"
"rm -f certs/*      # Make sure the directory is clean\n"
"\n"
"for tempfile in ${TEMPDIR}/certs/*.tmp; do\n"
"  # Make sure that the cert is trusted...\n"
"  grep \"CKA_TRUST_SERVER_AUTH\" \"${tempfile}\" | \\\n"
"    egrep \"TRUST_UNKNOWN|NOT_TRUSTED\" > /dev/null\n"
"\n"
"  if test \"${?}\" = \"0\"; then\n"
"    # Throw a meaningful error and remove the file\n"
"    cp \"${tempfile}\" tempfile.cer\n"
"    perl ${CONVERTSCRIPT} > tempfile.crt\n"
"    keyhash=$(openssl x509 -noout -in tempfile.crt -hash)\n"
"    echo \"Certificate ${keyhash} is not trusted!  Removing...\"\n"
"    rm -f tempfile.cer tempfile.crt \"${tempfile}\"\n"
"    continue\n"
"  fi\n"
"\n"
"  # If execution made it to here in the loop, the temp cert is trusted\n"
"  # Find the cert data and generate a cert file for it\n"
"\n"
"  cp \"${tempfile}\" tempfile.cer\n"
"  perl ${CONVERTSCRIPT} > tempfile.crt\n"
"  keyhash=$(openssl x509 -noout -in tempfile.crt -hash)\n"
"  mv tempfile.crt \"certs/${keyhash}.pem\"\n"
"  rm -f tempfile.cer \"${tempfile}\"\n"
"  echo \"Created ${keyhash}.pem\"\n"
"done\n"
"\n"
"# Remove blacklisted files\n"
"# MD5 Collision Proof of Concept CA\n"
"if test -f certs/8f111d69.pem; then\n"
"  echo \"Certificate 8f111d69 is not trusted!  Removing...\"\n"
"  rm -f certs/8f111d69.pem\n"
"fi\n"
"\n"
"# Finally, generate the bundle and clean up.\n"
"cat certs/*.pem >  ${BUNDLE}\n"
"rm -r \"${TEMPDIR}\"</literal>\n"
"EOF\n"
"\n"
"chmod +x /usr/bin/make-ca.sh</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:247
msgid ""
"Add a short script to remove expired certificates from a directory.  Again "
"create this script as the <systemitem class=\"username\">root</systemitem> "
"user:"
msgstr ""
"Ajoutez un script bref pour supprimer les certificats expirés d'un "
"répertoire. Créez de nouveau ce script en tant qu'utilisateur <systemitem "
"class=\"username\">root</systemitem>&nbsp;:"

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:251
#, no-wrap
msgid ""
"<userinput>cat > /usr/sbin/remove-expired-certs.sh &lt;&lt; \"EOF\"\n"
"<literal>#!/bin/sh\n"
"# Begin /usr/sbin/remove-expired-certs.sh\n"
"#\n"
"# Version 20120211\n"
"\n"
"# Make sure the date is parsed correctly on all systems\n"
"mydate()\n"
"{\n"
"  local y=$( echo $1 | cut -d\" \" -f4 )\n"
"  local M=$( echo $1 | cut -d\" \" -f1 )\n"
"  local d=$( echo $1 | cut -d\" \" -f2 )\n"
"  local m\n"
"\n"
"  if [ ${d} -lt 10 ]; then d=\"0${d}\"; fi\n"
"\n"
"  case $M in\n"
"    Jan) m=\"01\";;\n"
"    Feb) m=\"02\";;\n"
"    Mar) m=\"03\";;\n"
"    Apr) m=\"04\";;\n"
"    May) m=\"05\";;\n"
"    Jun) m=\"06\";;\n"
"    Jul) m=\"07\";;\n"
"    Aug) m=\"08\";;\n"
"    Sep) m=\"09\";;\n"
"    Oct) m=\"10\";;\n"
"    Nov) m=\"11\";;\n"
"    Dec) m=\"12\";;\n"
"  esac\n"
"\n"
"  certdate=\"${y}${m}${d}\"\n"
"}\n"
"\n"
"OPENSSL=/usr/bin/openssl\n"
"DIR=/etc/ssl/certs\n"
"\n"
"if [ $# -gt 0 ]; then\n"
"  DIR=\"$1\"\n"
"fi\n"
"\n"
"certs=$( find ${DIR} -type f -name \"*.pem\" -o -name \"*.crt\" )\n"
"today=$( date +%Y%m%d )\n"
"\n"
"for cert in $certs; do\n"
"  notafter=$( $OPENSSL x509 -enddate -in \"${cert}\" -noout )\n"
"  date=$( echo ${notafter} |  sed 's/^notAfter=//' )\n"
"  mydate \"$date\"\n"
"\n"
"  if [ ${certdate} -lt ${today} ]; then\n"
"     echo \"${cert} expired on ${certdate}! Removing...\"\n"
"     rm -f \"${cert}\"\n"
"  fi\n"
"done</literal>\n"
"EOF\n"
"\n"
"chmod u+x /usr/sbin/remove-expired-certs.sh</userinput>"
msgstr ""
"<userinput>cat > /usr/sbin/remove-expired-certs.sh &lt;&lt; \"EOF\"\n"
"<literal>#!/bin/sh\n"
"# Begin /usr/sbin/remove-expired-certs.sh\n"
"#\n"
"# Version 20120211\n"
"\n"
"# Make sure the date is parsed correctly on all systems\n"
"mydate()\n"
"{\n"
"  local y=$( echo $1 | cut -d\" \" -f4 )\n"
"  local M=$( echo $1 | cut -d\" \" -f1 )\n"
"  local d=$( echo $1 | cut -d\" \" -f2 )\n"
"  local m\n"
"\n"
"  if [ ${d} -lt 10 ]; then d=\"0${d}\"; fi\n"
"\n"
"  case $M in\n"
"    Jan) m=\"01\";;\n"
"    Feb) m=\"02\";;\n"
"    Mar) m=\"03\";;\n"
"    Apr) m=\"04\";;\n"
"    May) m=\"05\";;\n"
"    Jun) m=\"06\";;\n"
"    Jul) m=\"07\";;\n"
"    Aug) m=\"08\";;\n"
"    Sep) m=\"09\";;\n"
"    Oct) m=\"10\";;\n"
"    Nov) m=\"11\";;\n"
"    Dec) m=\"12\";;\n"
"  esac\n"
"\n"
"  certdate=\"${y}${m}${d}\"\n"
"}\n"
"\n"
"OPENSSL=/usr/bin/openssl\n"
"DIR=/etc/ssl/certs\n"
"\n"
"if [ $# -gt 0 ]; then\n"
"  DIR=\"$1\"\n"
"fi\n"
"\n"
"certs=$( find ${DIR} -type f -name \"*.pem\" -o -name \"*.crt\" )\n"
"today=$( date +%Y%m%d )\n"
"\n"
"for cert in $certs; do\n"
"  notafter=$( $OPENSSL x509 -enddate -in \"${cert}\" -noout )\n"
"  date=$( echo ${notafter} |  sed 's/^notAfter=//' )\n"
"  mydate \"$date\"\n"
"\n"
"  if [ ${certdate} -lt ${today} ]; then\n"
"     echo \"${cert} expired on ${certdate}! Removing...\"\n"
"     rm -f \"${cert}\"\n"
"  fi\n"
"done</literal>\n"
"EOF\n"
"\n"
"chmod u+x /usr/sbin/remove-expired-certs.sh</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:309
msgid ""
"The following commands will fetch the certificates and convert them to the "
"correct format.  If desired, a web browser may be used instead of "
"<application>wget</application> but the file will need to be saved with the "
"name <filename>certdata.txt</filename>.  These commands can be repeated as "
"necessary to update the CA Certificates."
msgstr ""
"Les commandes suivantes récupéreront les certificats et les convertiront "
"dans le bon format.  Si vous le désirez, vous pouvez utiliser un navigateur "
"Internet plutôt que <application>wget</application> mais le fichier devra "
"être enregistré sous le nom <filename>certdata.txt</filename>.  Ces "
"commandes peuvent être répétées autant de fois que nécessaire pour mettre à "
"jour les Certificats CA."

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:315
#, no-wrap
msgid ""
"<userinput>URL=&sources-anduin-http;/other/certdata.txt &amp;&amp;\n"
"rm -f certdata.txt &amp;&amp;\n"
"wget $URL          &amp;&amp;\n"
"make-ca.sh         &amp;&amp;\n"
"unset URL</userinput>"
msgstr ""
"<userinput>URL=&sources-anduin-http;/other/certdata.txt &amp;&amp;\n"
"rm -f certdata.txt &amp;&amp;\n"
"wget $URL          &amp;&amp;\n"
"make-ca.sh         &amp;&amp;\n"
"unset URL</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:321
msgid "Now, as the <systemitem class=\"username\">root</systemitem> user:"
msgstr ""
"Maintenant, en tant qu'utilisateur <systemitem class=\"username\">root</"
"systemitem>&nbsp;:"

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:323
#, no-wrap
msgid ""
"<userinput>SSLDIR=/etc/ssl                                              &amp;&amp;\n"
"remove-expired-certs.sh certs                                &amp;&amp;\n"
"install -d ${SSLDIR}/certs                                   &amp;&amp;\n"
"cp -v certs/*.pem ${SSLDIR}/certs                            &amp;&amp;\n"
"c_rehash                                                     &amp;&amp;\n"
"install BLFS-ca-bundle*.crt ${SSLDIR}/ca-bundle.crt          &amp;&amp;\n"
"ln -sfv ../ca-bundle.crt ${SSLDIR}/certs/ca-certificates.crt &amp;&amp;\n"
"unset SSLDIR</userinput>"
msgstr ""
"<userinput>SSLDIR=/etc/ssl                                              &amp;&amp;\n"
"remove-expired-certs.sh certs                                &amp;&amp;\n"
"install -d ${SSLDIR}/certs                                   &amp;&amp;\n"
"cp -v certs/*.pem ${SSLDIR}/certs                            &amp;&amp;\n"
"c_rehash                                                     &amp;&amp;\n"
"install BLFS-ca-bundle*.crt ${SSLDIR}/ca-bundle.crt          &amp;&amp;\n"
"ln -sfv ../ca-bundle.crt ${SSLDIR}/certs/ca-certificates.crt &amp;&amp;\n"
"unset SSLDIR</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:332
msgid "Finally, clean up the current directory:"
msgstr "Enfin, nettoyez le répertoire courant&nbsp;:"

#. type: Content of: <sect1><sect2><screen>
#: blfs-en/postlfs/security/cacerts.xml:334
#, no-wrap
msgid "<userinput>rm -r certs BLFS-ca-bundle*</userinput>"
msgstr "<userinput>rm -r certs BLFS-ca-bundle*</userinput>"

#. type: Content of: <sect1><sect2><para>
#: blfs-en/postlfs/security/cacerts.xml:336
msgid ""
"After installing or updating certificates, if OpenJDK is installed, update "
"the certificates for Java using the procedures at <xref linkend='ojdk-certs'/"
">."
msgstr ""
"Après l'installation ou la mise à jour des certificats, si OpenJDK est "
"installé, mettez à jour les certificats pour Java en utilisant la procédure "
"dans <xref linkend=\"ojdk-certs\"/>."

#. type: Content of: <sect1><sect2><title>
#: blfs-en/postlfs/security/cacerts.xml:343
msgid "Contents"
msgstr "Contenu"

#. type: Content of: <sect1><sect2><segmentedlist><segtitle>
#: blfs-en/postlfs/security/cacerts.xml:346
msgid "Installed Programs"
msgstr "Programmes installés"

#. type: Content of: <sect1><sect2><segmentedlist><segtitle>
#: blfs-en/postlfs/security/cacerts.xml:347
msgid "Installed Libraries"
msgstr "Bibliothèques installées"

#. type: Content of: <sect1><sect2><segmentedlist><segtitle>
#: blfs-en/postlfs/security/cacerts.xml:348
msgid "Installed Directories"
msgstr "Répertoires installés"

#. type: Content of: <sect1><sect2><segmentedlist><seglistitem><seg>
#: blfs-en/postlfs/security/cacerts.xml:351
msgid "make-ca.sh, make-cert.pl and remove-expired-certs.sh"
msgstr "make-ca.sh, make-cert.pl et remove-expired-certs.sh"

#. type: Content of: <sect1><sect2><segmentedlist><seglistitem><seg>
#: blfs-en/postlfs/security/cacerts.xml:352
msgid "None"
msgstr "Aucune"

#. type: Content of: <sect1><sect2><segmentedlist><seglistitem><seg>
#: blfs-en/postlfs/security/cacerts.xml:353
msgid "/etc/ssl/certs"
msgstr "/etc/ssl/certs"

#. type: Content of: <sect1><sect2><variablelist><bridgehead>
#: blfs-en/postlfs/security/cacerts.xml:358
msgid "Short Descriptions"
msgstr "Descriptions courtes"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><term>
#: blfs-en/postlfs/security/cacerts.xml:363
msgid "<command>make-ca.sh</command>"
msgstr "<command>make-ca.sh</command>"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:365
msgid ""
"is a shell script that reformats the <filename>certdata.txt</filename> file "
"for use by <application>openssl</application>."
msgstr ""
"est un script du shell qui reformate le fichier <filename>certdata.txt</"
"filename> pour que <application>openssl</application> l'utilise."

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><indexterm><primary>
#: blfs-en/postlfs/security/cacerts.xml:369
msgid "make-ca"
msgstr "make-ca"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><term>
#: blfs-en/postlfs/security/cacerts.xml:375
msgid "<command>make-cert.pl</command>"
msgstr "<command>make-cert.pl</command>"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:377
msgid ""
"is a utility <application>perl</application> script that converts a single "
"binary certificate (.der format) into .pem format."
msgstr ""
"est un script <application>perl</application> qui convertit un certificat "
"binaire unique (format .der) au format .pem."

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><indexterm><primary>
#: blfs-en/postlfs/security/cacerts.xml:380
msgid "make-cert"
msgstr "make-cert"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><term>
#: blfs-en/postlfs/security/cacerts.xml:386
msgid "<command>remove-expired-certs.sh</command>"
msgstr "<command>remove-expired-certs.sh</command>"

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><para>
#: blfs-en/postlfs/security/cacerts.xml:388
msgid ""
"is a utility shell script that removes expired certificates from a "
"directory.  The default directory is <filename class='directory'>/etc/ssl/"
"certs</filename>."
msgstr ""
"est un script shell qui supprime les certificats expirés d'un répertoire. Le "
"répertoire par défaut est <filename class='directory'>/etc/ssl/certs</"
"filename>."

#. type: Content of: <sect1><sect2><variablelist><varlistentry><listitem><indexterm><primary>
#: blfs-en/postlfs/security/cacerts.xml:392
msgid "remove-expired-certs"
msgstr "remove-expired-certs"