Bug ID: 409720
Summary: CA update not workong
Platform: Debian stable
CC: kdepim-b...@kde.org, m...@kde.org
Target Milestone: ---
If you have a old outdated CA-Certificate and a newer one kleopatra validates
against the old one and thinks the certificates signed by it aren't
This is especially annoying since you even can't remove the old CA since
removing a CA will result in removing all certificates singed by it.
So please make an easy CA replacement possible.
STEPS TO REPRODUCE
1. Import a CA-certificate (A) with an near in the future laying enddate
2. Import a longer valid certificate (B) that is signed by this CA.
3. Import a longer valid CA-certificate (C) for the same CA.
4. Wait until the first CA-certificate (A) runs out.
The certificate (B) is no longer trusted also there is a path to a existing,
trusted CA (C).
Kleopatra should validate against the still trusted CA.
You are receiving this mail because:
You are watching all bug changes.