https://bz.apache.org/bugzilla/show_bug.cgi?id=67675
--- Comment #28 from Michael Osipov <micha...@apache.org> --- (In reply to Christopher Schultz from comment #27) > (In reply to Mark Thomas from comment #23) > > While 1.0.2 has been EOL for a while it would not surprise me at all to find > > lots of 1.0.2 generated keys and certs still in use. > > +1 > > The issue is not whether or not anyone is still using OpenSSL 1.0.2 today, > but whether or not anyone still have keys and certs when when they /were/ > using it in the past. That would also mean that they are years old and still valid... -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org