Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Invalid SSL certificates
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo Forums Feedback
View previous topic :: View next topic  
Author Message
dlmalloc
n00b
n00b


Joined: 21 Jun 2009
Posts: 40
Location: UK

PostPosted: Fri Apr 29, 2011 4:44 pm    Post subject: Invalid SSL certificates Reply with quote

The Gentoo forums have invalid SSL certificates, which is annoying for those of us that browse https and constantly have to manually accept the certs.

Surely this is a problem that can be fixed?

This goes for the rest of *.gentoo.org too.
_________________
$ ./lurk;

dlmalloc@irc.freenode.net
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54033
Location: 56N 3W

PostPosted: Fri Apr 29, 2011 5:33 pm    Post subject: Reply with quote

dlmalloc,

They are not invalid.

Gentoo uses CACert as the certificate authority. Unfortunately, the CACert root certificate is not distributed with browsers.
You need to manually add the CACert Root Certificate to your browser(s). Only ff you trust it of course.

Have you verified all the pre installed certificates ?
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
aidanjt
Veteran
Veteran


Joined: 20 Feb 2005
Posts: 1118
Location: Rep. of Ireland

PostPosted: Fri Apr 29, 2011 5:40 pm    Post subject: Reply with quote

Yeah I've been meaning to raise this point, why doesn't Gentoo add CAcert to the system CA list?
_________________
juniper wrote:
you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault.
Back to top
View user's profile Send private message
dlmalloc
n00b
n00b


Joined: 21 Jun 2009
Posts: 40
Location: UK

PostPosted: Fri Apr 29, 2011 6:16 pm    Post subject: Reply with quote

Ah fantastic! :)

Though I agree with AidanJT, why not include CACert?
_________________
$ ./lurk;

dlmalloc@irc.freenode.net
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54033
Location: 56N 3W

PostPosted: Fri Apr 29, 2011 7:49 pm    Post subject: Reply with quote

Gentoo has a policy of sticking as close to upstream as possible.
I suppose it could be an ebuild ...
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
aidanjt
Veteran
Veteran


Joined: 20 Feb 2005
Posts: 1118
Location: Rep. of Ireland

PostPosted: Fri Apr 29, 2011 7:57 pm    Post subject: Reply with quote

NeddySeagoon wrote:
Gentoo has a policy of sticking as close to upstream as possible.

It's also one of the things which endears Gentoo to me. Although sometimes practical reality on little things like this are nice polishing touches.

NeddySeagoon wrote:
I suppose it could be an ebuild ...

Yeah, and add an 'extraca' useflag to ssl, or something would be helpful. I would be happy with that.
_________________
juniper wrote:
you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault.
Back to top
View user's profile Send private message
Amity88
Apprentice
Apprentice


Joined: 03 Jul 2010
Posts: 260
Location: Third planet from the Sun

PostPosted: Tue Aug 02, 2011 3:53 pm    Post subject: Reply with quote

This topic just opened my eyes to something related.... how do I verify the ssl certificates preinstalled on the system? I just attempted to check gmail's certificate fingerprint, I can view the local sha fingerprint... but what do I compare it against, googling didn't yield any results
_________________
Ant P. wrote:
The enterprise distros sell their binaries. Canonical sells their users.


Also... Be ignorant... Be happy! :)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo Forums Feedback All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum