IWETHEY v. 0.3.0 | TODO
1,095 registered users | 1 active user | 1 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Internet Forum / Sectigo's SHA-1 root + intermediate certs expired.
Post #434,286
by scoenye
6/2/20 10:40:27 AM
6/2/20 10:40:27 AM
Reply
New Sectigo's SHA-1 root + intermediate certs expired.
The fix will be messy as the root cert lists for the OS and each application/service that brings its own will need updating.
Post #434,287
by malraux
Picture of malraux
6/2/20 10:44:11 AM
6/2/20 10:44:11 AM
Reply
New I don't think that's all that happened.
The server certs we're having issues with are GlobalSign and DigiCert, not Sectigo, and the problems are intermittent.

The client OS in question has updated certs and is on OpenSSL 1.1.1.

I manually removed the AddTrust certs but that didn't help either.
Regards,
-scott
Welcome to Rivendell, Mr. Anderson.
     I'm back; this time re "Sectigo" - (Ashton) - (21) - June 2, 2020, 02:20:04 AM EDT
         Sounds like an update is needed. - (static) - May 31, 2020, 11:52:10 PM EDT
         Also, thanks. - (static) - May 31, 2020, 11:54:07 PM EDT
         Wade is likely right + couple of things to check - (scoenye) - (3) - June 1, 2020, 08:14:46 AM EDT
             Going there: - (Ashton) - (2) - June 1, 2020, 07:47:41 PM EDT
                 Don't nuke the CUPS certificate - (scoenye) - (1) - June 1, 2020, 10:48:51 PM EDT
                     Gracias.. - (Ashton) - June 1, 2020, 11:10:37 PM EDT
         Here's a page that might help, if you can get there. - (Another Scott) - (1) - June 1, 2020, 09:00:07 AM EDT
             Hm: gives important also-too CLUE! (Can't Go-->There, either) - (Ashton) - June 1, 2020, 08:04:51 PM EDT
         Something happened with SSL certs yesterday - (malraux) - (11) - June 1, 2020, 09:53:03 AM EDT
             Thanks.. helps out, 'the Loneliness of the Long-distance tyro-Debugger .. a bit :-) -NT - (Ashton) - (10) - June 1, 2020, 07:50:15 PM EDT
                 major cert trust domain issue yesterday - (boxley) - (9) - June 1, 2020, 09:56:18 PM EDT
                     CRL lookup service blowout? The only thing I can think of that would cause widespread mayhem. -NT - (scoenye) - (3) - June 1, 2020, 10:49:53 PM EDT
                         Heh.. that moniker sent moi --> Belgium and a ∆ re (my) access to Sectigo. - (Ashton) - (2) - June 1, 2020, 11:33:25 PM EDT
                             That is what is going on - (scoenye) - (1) - June 2, 2020, 08:02:24 AM EDT
                                 Excellent--Lots of peripheral info there too; Bonus. -NT - (Ashton) - June 2, 2020, 06:45:09 PM EDT
                     Still going on. - (malraux) - (4) - June 1, 2020, 11:15:53 PM EDT
                         we use a gummint cert internal to ourselves - (boxley) - (3) - June 1, 2020, 11:27:42 PM EDT
                             We didn't have browser issues - (malraux) - (2) - June 2, 2020, 08:50:16 AM EDT
                                 Sectigo's SHA-1 root + intermediate certs expired. - (scoenye) - (1) - June 2, 2020, 10:40:27 AM EDT
                                     I don't think that's all that happened. - (malraux) - June 2, 2020, 10:44:11 AM EDT
         Teapot; Tempest-in: Thanks all! stuff works. The post-mortem amusement awaits.. -NT - (Ashton) - June 2, 2020, 04:26:24 AM EDT

Powered by zeptotechnology!
80 ms