Package: ca-certificates
Version: 20200601
Severity: normal
Follow up to #955038, expired certificate "Staat der Nederlanden Root CA
- G2" remains in the Mozilla bundle. If the CA managed their migration
to the same-named G3 cert, this could be a non-issue, however the
expired certificate can be blacklisted to effectively remove it.
CCing #955038 (remove in later replies, please) and BCCing the original
and secondary reporters to acknowledge. Thanks for report and follow up
on the error.
Kind regards,
Michael Shuler
--
$ openssl x509 -noout -startdate -enddate -in
/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt
notBefore=Mar 26 11:18:17 2008 GMT
notAfter=Mar 25 11:03:10 2020 GMT
$ openssl x509 -noout -startdate -enddate -in
/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt
notBefore=Nov 14 11:28:42 2013 GMT
notAfter=Nov 13 23:00:00 2028 GMT
