| 1 |
In the past, all of the SSL certificates for Gentoo services |
| 2 |
(forums.g.o, bugs.g.o, etc) were all self-signed. Now that the |
| 3 |
foundation is in good legal standing again, we are making headway with |
| 4 |
replacing the certificates with those from CACert, via their |
| 5 |
Organization assurance program. |
| 6 |
|
| 7 |
From the perspective of users, if their browsers trust the CACert Level |
| 8 |
3 certificate or the Level 1, then the browser should trust the new |
| 9 |
Gentoo certificates. |
| 10 |
|
| 11 |
One of the new certificates is live on forums.gentoo.org as of today, |
| 12 |
but exposed the need for some further display improvements only (wrong |
| 13 |
email address) - it still functions perfectly. |
| 14 |
|
| 15 |
If your browser doesn't include the CACert roots, see either: |
| 16 |
http://wiki.cacert.org/wiki/BrowserClients |
| 17 |
https://www.cacert.org/index.php?id=3 |
| 18 |
Or make sure you have the latest ca-certificates package (if the browser |
| 19 |
uses it), and that update-ca-certificates was run properly. |
| 20 |
|
| 21 |
-- |
| 22 |
Robin Hugh Johnson |
| 23 |
Gentoo Linux Developer & Infra Guy |
| 24 |
E-Mail : robbat2@g.o |
| 25 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |
Archives