On 02/05/2018 01:01 PM, Eyal Lebedinsky wrote:
As of a month ago I started getting warnings from certwatch saying
The certificate for Certificate Shack has expired
The certificate for Frank Alpha has expired
which have now expired a week ago.
I wanted to find out who these hosts are and should I care about the
So far I found these two (and no others) mentioned in the file
-rw-r----- 1 root apache 65536 Jan 26 2014 /etc/httpd/alias/cert8.db
which is an old file which seems to be part of the mod_nss package.
Are these real certs? Test ones left there for no reason?
If they are not needed then what is the correct way to remove them,
removing the nss_mod module.
I expect they are sample certs, but I don't know why they are included.
I don't see those on my server, but my database is much older.
To remove them, go to the /etc/httpd/alias directory. Run "certutil -L
-d ." to make sure of the names. Then you can run "certutil -D -d . -n
'Frank Alpha'" for example to remove them from the database.
users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org