On Thursday 15 May 2008 14:20, Florent Daignière wrote: > * Matthew Toseland <[EMAIL PROTECTED]> [2008-05-15 14:03:54]: > > > On Thursday 15 May 2008 13:56, you wrote: > > > Hi, > > > > > > Due to a recent debian-specific bug in openssl, I've regenerated > > > the SSL certificates on emu; here are the new fingerprints: > > > > > > subject= /C=KR/ST=Daejeon/L=Daejeon/O=freenetproject.org/OU=StartCom Free > > Certificate > > Member/CN=emu.freenetproject.org/[EMAIL PROTECTED] > > > SHA1 Fingerprint=F3:8F:A6:8C:73:95:05:03:96:7E:F6:3B:24:D8:B8:AE:AD:E0:66:11 > > > > > > subject= /C=KR/ST=Daejeon/L=Daejeon/O=freenetproject.org/OU=StartCom Free > > Certificate > > Member/CN=bugs.freenetproject.org/[EMAIL PROTECTED] > > > SHA1 Fingerprint=B5:C3:DE:5B:64:D1:DF:24:0C:FD:7D:C2:14:77:03:54:2A:B9:35:B1 > > > > > > Apache, dovecot and postfix are using those from now on. I have > > > also changed the key we are using to sign the installer... but > > > as it doesn't work as I'd like it to it might change again > > > soon... Anyway, I will keep you posted. > > > > Will this break incoming opportunistic SSL? > > No that won't; our previous certificate wasn't trusted by any CA. > > > Don't other mailers expect the cert to stay the same once they've seen it? > > No, if they were accepting non-trusted certificates, there is no point > in rejecting a trusted one... > And if we change it again, they won't reject it as long as it's a trusted cert. Okay.
pgpMDEfk8mggb.pgp
Description: PGP signature
_______________________________________________ Devl mailing list Devl@freenetproject.org http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl