I think this bug is affecting me at least in 12.04:
# openssl x509 -text -in /usr/share/ca-certificates/cacert.org/cacert.org.crt |
grep Signature
Signature Algorithm: md5WithRSAEncryption
Signature Algorithm: md5WithRSAEncryption
The problem is that cacert.org breaks svn over https for some projects
that use cacert since an update to neon for gnutls disables certs with
md5 for security, at least if I understand the problem correctly.
Our work around was to tell everyone to add an option to not trust the
~/.subversion/servers file ("ssl-trust-default-ca = no"), but it would
be nice if this just worked "out of the box" for people with the latest
security updates in ubuntu.
Is there any reason why this hasn't been fixed yet? Or is fix for cacert
in this bug something else? (if so, apologies, I will report a separate
bug).
Thanks o/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/290485
Title:
Please sync ca-certificates 20080809 (main) from Debian unstable
(main).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/290485/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
