Package: ca-certificates Version: 20050804 Severity: minor
The certificate that is stored in one of the files does not match the name of the file. This is confusing (best case) or a security problem (worst case, unlikely). The file in question is /etc/ssl/certs/RSA_Root_Certificate_1.pem The name of the file suggests that it belongs to RSA Security Inc, but the contents of the file (reported by certtool, part of gnutls-bin) says that it belongs to ValiCert. $ certtool -i < /etc/ssl/certs/RSA_Root_Certificate_1.pem X.509 certificate info: Version: 1 Serial Number (hex): 01 Subject: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 3 Policy Validation Authority,CN=http://www.valicert.com/,[EMAIL PROTECTED] Issuer: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert Class 3 Policy Validation Authority,CN=http://www.valicert.com/,[EMAIL PROTECTED] Signature Algorithm: RSA-SHA Validity: Not Before: Sat Jun 26 01:22:33 1999 Not After: Wed Jun 26 01:22:33 2019 Subject Public Key Info: Public Key Algorithm: RSA (1024 bits) modulus: 00:e3:98:51:96:1c:e8:d5:b1:06:81:6a:57:c3:72: 75:93:ab:cf:9e:a6:fc:f3:16:52:d6:2d:4d:9f:35: 44:a8:2e:04:4d:07:49:8a:38:29:f5:77:37:e7:b7: ab:5d:df:36:71:14:99:8f:dc:c2:92:f1:e7:60:92: 97:ec:d8:48:dc:bf:c1:02:20:c6:24:a4:28:4c:30: 5a:76:6d:b1:5c:f3:dd:de:9e:10:71:a1:88:c7:5b: 9b:41:6d:ca:b0:b8:8e:15:ee:ad:33:2b:cf:47:04: 5c:75:71:0a:98:24:98:29:a7:49:59:a5:dd:f8:b7: 43:62:61:f3:d3:e2:d0:55:3f: public exponent: 01:00:01: Other information: MD5 Fingerprint: A2:6F:53:B7:EE:40:DB:4A:68:E7:FA:18:D9:10:4B:72 SHA1 Fingerprint: 69:BD:8C:F4:9C:D3:00:FB:59:2E:17:93:CA:55:6A:F3:EC:AA:35:FB Public Key ID: 77:77:EE:58:B4:02:E3:68:CE:E2:9D:59:02:F9:84:3F:35:82:9A:4A Another file called /etc/ssl/certs/RSA_Security_1024_v3.pem shows what a certificate belonging to RSA Security Inc should look like. certtool -i < /etc/ssl/certs/RSA_Security_1024_v3.pem X.509 certificate info: Version: 3 Serial Number (hex): 0A:01:01:01:00:00:02:7C:00:00:00:0B:00:00:00:02 Subject: O=RSA Security Inc,OU=RSA Security 1024 V3 Issuer: O=RSA Security Inc,OU=RSA Security 1024 V3 Signature Algorithm: RSA-SHA Validity: Not Before: Thu Feb 22 21:01:49 2001 Not After: Sun Feb 22 20:01:49 2026 Subject Public Key Info: Public Key Algorithm: RSA (1024 bits) modulus: 00:d5:dd:fe:66:09:cf:24:3c:3e:ae:81:4e:4e:8a: c4:69:80:5b:59:3b:df:b9:4d:4c:ca:b5:2d:c3:27: 2d:3c:af:00:42:6d:bc:28:a6:96:cf:7f:d7:58:ac: 83:0a:a3:55:b5:7b:17:90:15:84:4c:8a:ee:26:99: dc:58:ef:c7:38:a6:aa:af:d0:8e:42:c8:62:d7:ab: ac:a9:fb:4a:7d:bf:ea:fe:12:4d:dd:ff:26:2d:6f: 36:54:68:c8:d2:84:56:ee:92:53:61:09:b3:3f:39: 9b:a8:c9:9b:bd:ce:9f:7e:d4:19:6a:16:29:18:be: d7:3a:69:dc:25:5b:33:1a:51: public exponent: 01:00:01: X.509 Extensions: Basic Constraints: (critical) CA:TRUE Key usage: (critical) Certificate signing. CRL signing. Subject Key ID: C4:C0:1C:A4:07:94:FD:CD:4D:01:D4:54:DA:A5:0C:5F:DE:AE:05:5A Authority Key ID: C4:C0:1C:A4:07:94:FD:CD:4D:01:D4:54:DA:A5:0C:5F:DE:AE:05:5A Other information: MD5 Fingerprint: 3A:E5:50:B0:39:BE:C7:46:36:33:A1:FE:82:3E:8D:94 SHA1 Fingerprint: 3C:BB:5D:E0:FC:D6:39:7C:05:88:E5:66:97:BD:46:2A:BD:F9:5C:76 Public Key ID: 09:44:55:2B:5B:B6:4A:DF:AD:BB:85:63:1C:3F:A1:10:96:57:7D:FF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]