Public bug reported:
The pollinate package pins the CA used to verify the connection to
https://entropy.ubuntu.com. It's unclear why what is done, and it places
extra restrictions on the maintenance of that web site.
Recently it switched to the Let's Encrypt CA, and that broke the client
connection to the service.
That change will be reverted server-side, as that's quicker to do at the
moment, but we should investigate why this restriction was placed on the
client, and relax if it deemed appropriate. Or maybe prepare an SRU to
add the let's encrypt CA to /etc/pollinate/entropy.ubuntu.com.pem to be
ready when we want to switch again.
** Affects: pollinate (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1895714
Title:
Investigate and remove CA pinning
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pollinate/+bug/1895714/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
