[wp-trac] [WordPress Trac] #50828: Update ca-bundle.crt and remove expired certificates

WordPress Trac noreply at wordpress.org
Fri Jul 31 17:30:03 UTC 2020


#50828: Update ca-bundle.crt and remove expired certificates
--------------------------+-----------------------------
 Reporter:  barry         |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 The existing `ca-bundle.crt` contains expired certificates which in older
 OpenSSL versions will prevent TLS connections even if there is another
 certificate chain option that is not expired.  This patch syncs the bundle
 with the latest version from Mozilla, removing the expired certs, adding a
 few new ones, and keeping the 1024 bit certificates that were added for
 backwards compatibility in [35919]

 It will be nice when we can use the upstream version as-is and update it
 with every release :)

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/50828>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list