I think this bug is affecting me at least in 12.04: # openssl x509 -text -in /usr/share/ca-certificates/cacert.org/cacert.org.crt | grep Signature Signature Algorithm: md5WithRSAEncryption Signature Algorithm: md5WithRSAEncryption
The problem is that cacert.org breaks svn over https for some projects that use cacert since an update to neon for gnutls disables certs with md5 for security, at least if I understand the problem correctly. Our work around was to tell everyone to add an option to not trust the ~/.subversion/servers file ("ssl-trust-default-ca = no"), but it would be nice if this just worked "out of the box" for people with the latest security updates in ubuntu. Is there any reason why this hasn't been fixed yet? Or is fix for cacert in this bug something else? (if so, apologies, I will report a separate bug). Thanks o/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/290485 Title: Please sync ca-certificates 20080809 (main) from Debian unstable (main). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/290485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs