Thawte Premium Server CA missing in ca_root_nss-3.18
Jan Beich
jbeich at FreeBSD.org
Tue Apr 21 17:54:36 UTC 2015
Ingo Flaschberger <ingo.flaschberger at gmail.com> writes:
> the Thawte Premium Server CA is missing.
>
> Details:
> https://www.thawte.com/roots/
> Root 2
> Thawte Premium Server CA
>
> openssl s_client -CAfile /usr/local/share/certs/ca-root-nss.crt
> -showcerts -connect ssltest28.bbtest.net:443
> Verify return code: 21 (unable to verify the first certificate)
Likely intentional. Also, neither gecko@ nor ports-secteam@ wants to be
responsible for verifying Root CAs.
https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/
https://svnweb.freebsd.org/changeset/ports/215953
>
> with cert:
> Verify return code: 0 (ok)
>
> Kind regards,
> Ingo Flaschberger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 602 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-gecko/attachments/20150421/75bd184a/attachment.sig>
More information about the freebsd-gecko
mailing list