Inspired by http://zitseng.com/archives/7489
WARNINGS
- Do not run unless you understand what this is doing
- The CA system is broken by design - This is not a fix for that
- This is merely a band-aid for those interested or concerned about these root CAs
Usage
chmod +x delete_gov_roots.sh
./delete_gov_roots.sh
You’ll be prompted for your password as root access is required to delete system-wide root certs.
See Also
- http://convergence.io
- https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/
- https://github.com/kirei/catt
- https://www.eff.org/observatory
- https://bugzilla.mozilla.org/show_bug.cgi?id=478418
- http://support.apple.com/en-us/HT202858
- https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning