FS#42778 - Update website SSL certificates with sha2 certificates
Attached to Project:
Arch Linux
Opened by Dolores (meskarune) - Thursday, 13 November 2014, 18:20 GMT
Last edited by Florian Pritz (bluewind) - Tuesday, 22 March 2016, 13:31 GMT
Opened by Dolores (meskarune) - Thursday, 13 November 2014, 18:20 GMT
Last edited by Florian Pritz (bluewind) - Tuesday, 22 March 2016, 13:31 GMT
|
Details
Description: update the archlinux.org SSL certificates to
use sha2 instead of sha1.
Additional info: * sha1 is a weak algorithm that will be crackable in the next few years * chrome browser will be flagging sites with sha1 certificates * http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html Steps to reproduce: https://shaaaaaaaaaaaaa.com/check/archlinux.org |
This task depends upon
if its from interest, here is a bit more tech related writeup to this topic from Adam Langley: https://www.imperialviolet.org/2014/05/14/sha256.html
domain to the list. No idea if that works for wildcard certs though, but it might be worth a try.
https://kuix.de/blog/index.php?entry=SSL/TLS-servers,-SHA-1/SHA-256-and-StartSSL.com-certificates
I'm also reassigning this to aaron since he handles the certs.
Link: https://www.globalsign.com/ssl/ssl-open-source/