-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 15-05-2008 20:43, Chris Adams wrote: > > On May 15, 2008, at 6:25 PM, Alex Samad wrote: >> is there away to check x509 certs with these tools ? > > Yes - the wiki has one (http://wiki.debian.org/SSLkeys) but you might > prefer the openssl-blacklist package which Ubuntu prepared: > > https://launchpad.net/ubuntu/+source/openssl-blacklist/ > > It runs out of the box on Debian and if you edit debian/control to > change the openssl dependency from the Ubuntu version > (0.9.8g-4ubuntu3.1) to the Debian version (0.9.8c-4etch3) you can > dpkg-buildpackage it and deploy it to multiple systems. I used it like > this to flush out Apache keys: > > sudo find /etc/ -xdev -type f -name \*.key -exec openssl-vulnkey {} \;
Speaking about that, are there plans to deploy openssl-blacklist in Debian as an official package? Kind regards, - -- Felipe Augusto van de Wiel (faw) "Debian. Freedom to code. Code to freedom!" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFILNXdCjAO0JDlykYRCMq8AKDOaci6iTFlozcZDC3mH6cUjra6nQCeMNyx 9MMqc7tVaHshsSPDfT0WhzY= =6MyD -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]