Am 31.03.21 um 13:02 schrieb Christoph Moench-Tegeder:
## Jochen Neumeister (jon...@freebsd.org):
Why are this certificates blacklisted?
Various reasons:
- Symantec (which owned Thawte and VeriSign back in the time) made
the news in a bad way:
https://www.theregister.com/2017/09/12/chrome_66_to_reject_symantec_certs/
- some certificates are simply expired
- some certificates use SHA-1 ("sha1WithRSAEncryption") which is
beyond deprecated
- and basically "whatever Mozilla did", as the certificates are
imported from NSS.
how can I ignore the certificates now? So now everyone has this problem
with an update
Greetings
Jochen
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
