FS#38723 - [gajim] GlobalSign CA cert expired
Attached to Project:
Arch Linux
Opened by chris (jugg) - Thursday, 30 January 2014, 04:32 GMT
Last edited by Eric Belanger (Snowman) - Sunday, 23 February 2014, 05:35 GMT
Opened by chris (jugg) - Thursday, 30 January 2014, 04:32 GMT
Last edited by Eric Belanger (Snowman) - Sunday, 23 February 2014, 05:35 GMT
|
Details
Description:
Gajim uses its own set of CA certs located at /usr/share/gajim/data/other/cacerts.pem. The certificate it has for GlobalSign expired on Jan 28 12:00:00 2014 GMT having serial number 02 00 00 00 00 00 d6 78 b7 94 05 See https://2014.globalsign.com/ for the certificate information. Gajim's cacerts.pem need to be updated with a more recent GlobalSign root certificate. Additional info: Gajim 0.15.4-1 Steps to reproduce: Sign into a server using an SSL certificate signed by GlobalSign, and if warnings are enabled, you will be warned. or $ openssl verify -CAfile /usr/share/gajim/data/other/cacerts.pem domain.crt domain.crt: C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA error 10 at 1 depth lookup:certificate has expired |
This task depends upon
Closed by Eric Belanger (Snowman)
Sunday, 23 February 2014, 05:35 GMT
Reason for closing: Fixed
Additional comments about closing: certificates have been removed in gajim-0.15.4-2
Sunday, 23 February 2014, 05:35 GMT
Reason for closing: Fixed
Additional comments about closing: certificates have been removed in gajim-0.15.4-2
So, it would seem an appropriate patch for archlinux is to remove that file.