[wp-trac] [WordPress Trac] #34935: Removed SSL certificates causing errors in WP 4.4
WordPress Trac
noreply at wordpress.org
Mon Dec 14 05:19:27 UTC 2015
#34935: Removed SSL certificates causing errors in WP 4.4
------------------------------------+---------------------
Reporter: DvanKooten | Owner: rmccue
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.4.1
Component: HTTP API | Version: 4.4
Severity: normal | Resolution: fixed
Keywords: has-patch https commit | Focuses:
------------------------------------+---------------------
Changes (by dd32):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"35919"]:
{{{
#!CommitTicketReference repository="" revision="35919"
HTTP: Partially revert [34283] which removed the 1024bit certificates from
our trust store.
Most browsers no longer trust 1024bit certificates, or certificates signed
by them, instead verifying them by a trusted intermediate or a cross-sign
from another trusted certificate.
Unfortunately, as it turns out, OpenSSL prior to 1.0.1g cannot correctly
handle certificates chains such as this, even if one of the intermediates
is trusted.
The solution is that we need to continue to trust the 1024bit legacy root
certificates forthe foreseeable future
This adds the following certificates back into our trust store:
{{{
GTE CyberTrust Global Root
Thawte Server CA
Thawte Premium Server CA
Verisign Class 3 Public Primary Certification Authority
Verisign Class 3 Public Primary Certification Authority - G2
ValiCert Class 1 VA
ValiCert Class 2 VA
RSA Root Certificate 1
Entrust.net Secure Server CA
Equifax Secure Global eBusiness CA
Equifax Secure eBusiness CA 1
America Online Root Certification Authority 1
America Online Root Certification Authority 2
NetLock Business (Class B) Root
NetLock Express (Class C) Root
Verisign Class 3 Public Primary Certification Authority
}}}
Props rmccue
Fixes #34935 for trunk.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34935#comment:25>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list