Re: SHA-1 serverAuth cert issued by Trustis in November 2016

Andrew Ayer via dev-security-policy Fri, 24 Feb 2017 09:58:15 -0800

On Fri, 24 Feb 2017 08:25:25 -0800
Andrew Ayer via dev-security-policy
<dev-security-policy@lists.mozilla.org> wrote:


> On Fri, 24 Feb 2017 07:08:54 -0800 (PST)
> "blake.morgan--- via dev-security-policy"
> <dev-security-policy@lists.mozilla.org> wrote:
> 
> > Trustis has some time ago, migrated all TLS certificate production
> > to SHA-256 Issuing Authorities.  The small number of previously
> > issued SHA-1 TLS certificates issued from “FPS TT”, that had
> > lifetimes extending beyond 1 Jan 2017, were revoked towards the end
> > of 2016.    
> 
> Below is an unrevoked SHA-1 serverAuth certificate for
> getset.trustis.com issued from this CA with a Not Before date of
> 2016-11-07.

This certificate can now be viewed on crt.sh:

        
https://crt.sh/?sha256=bb0835a27459d0b02aa797f3f35b02457ac07b57497aa0266677708c7b20fb20

Regards,
Andrew
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Re: SHA-1 serverAuth cert issued by Trustis in November 2016

Reply via email to