Your message dated Wed, 14 Dec 2011 23:55:01 -0600
with message-id <[email protected]>
and subject line Re: DigiCert intermediate certificate inclusion
has caused the Debian Bug report #584479,
regarding DigiCert intermediate certificate inclusion
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
584479: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584479
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ca-certificates
Source: ca-certificates
Severity: normal
Usertags: cert-inclusion
Version: 20090709
Please include the intermediate certificates for DigiCert.
A number of sites on the internet have started using DigiCert without providing
the intermediate certs.
Option 2:
They are already available in Firefox 3.6.3, due to the reason noted.
Option 1:
(per README.Debian)
Page about it:
https://www.digicert.com/ssl-support/windows-cross-signed-chain.htm
Certificates:
https://www.digicert.com/CACerts/DigiCertBridge.crt
https://www.digicert.com/CACerts/DigiCertHighAssuranceCA-3.crt
https://www.digicert.com/CACerts/DigiCertHighAssuranceEVCA-1.crt
License:
https://www.digicert.com/digicert-root-certificates.htm
"DigiCert does not charge or require any special license agreement for the use
and/or distribution of these root certificates."
=== DigiCertBridge.crt
SHA1 Fingerprint=91:8D:A5:E4:99:C1:5F:7C:62:75:B1:24:FE:DE:53:35:7C:34:BD:36
Issuer: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref.
(limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server
Certification Authority
Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High
Assurance EV Root CA
Validity
Not Before: Oct 1 05:00:00 2006 GMT
Not After : Jul 26 18:15:15 2014 GMT
=== DigiCertHighAssuranceCA-3.crt
SHA1 Fingerprint=A2:E3:2A:1A:2E:9F:AB:6E:AD:6B:05:F6:4E:A0:64:13:39:E1:00:11
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High
Assurance EV Root CA
Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High
Assurance CA-3
Validity
Not Before: Apr 3 00:00:00 2007 GMT
Not After : Apr 3 00:00:00 2022 GMT
=== DigiCertHighAssuranceEVCA-1.crt
SHA1 Fingerprint=4A:35:8B:25:35:28:61:42:F6:0F:4E:9B:57:E2:AE:11:6D:AB:F0:F5
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High
Assurance EV Root CA
Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High
Assurance EV CA-1
Validity
Not Before: Nov 10 00:00:00 2006 GMT
Not After : Nov 10 00:00:00 2021 GMT
--
Robin Hugh Johnson
E-Mail : [email protected]
Home Page : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ# : 30269588 or 41961639
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
pgppsS7Xme8qo.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
tags 584479 wontfix
thanks
Intermediate certificates are not appropriate for ca-certificates, in my
opinion - see #587751 for some further detail.
See #647848 for future discussion on CA inclusion requests.
--
Kind regards,
Michael
signature.asc
Description: OpenPGP digital signature
--- End Message ---
