[wp-trac] [WordPress Trac] #50828: Update ca-bundle.crt and remove expired certificates
WordPress Trac
noreply at wordpress.org
Fri Jul 31 17:30:03 UTC 2020
#50828: Update ca-bundle.crt and remove expired certificates
--------------------------+-----------------------------
Reporter: barry | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
The existing `ca-bundle.crt` contains expired certificates which in older
OpenSSL versions will prevent TLS connections even if there is another
certificate chain option that is not expired. This patch syncs the bundle
with the latest version from Mozilla, removing the expired certs, adding a
few new ones, and keeping the 1024 bit certificates that were added for
backwards compatibility in [35919]
It will be nice when we can use the upstream version as-is and update it
with every release :)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50828>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list