* Matthew Toseland <toad at amphibian.dyndns.org> [2008-05-15 14:03:54]:
> On Thursday 15 May 2008 13:56, you wrote: > > Hi, > > > > Due to a recent debian-specific bug in openssl, I've regenerated > > the SSL certificates on emu; here are the new fingerprints: > > > > subject= /C=KR/ST=Daejeon/L=Daejeon/O=freenetproject.org/OU=StartCom Free > Certificate > Member/CN=emu.freenetproject.org/emailAddress=hostmaster at freenetproject.org > > SHA1 Fingerprint=F3:8F:A6:8C:73:95:05:03:96:7E:F6:3B:24:D8:B8:AE:AD:E0:66:11 > > > > subject= /C=KR/ST=Daejeon/L=Daejeon/O=freenetproject.org/OU=StartCom Free > Certificate > Member/CN=bugs.freenetproject.org/emailAddress=hostmaster at > freenetproject.org > > SHA1 Fingerprint=B5:C3:DE:5B:64:D1:DF:24:0C:FD:7D:C2:14:77:03:54:2A:B9:35:B1 > > > > Apache, dovecot and postfix are using those from now on. I have > > also changed the key we are using to sign the installer... but > > as it doesn't work as I'd like it to it might change again > > soon... Anyway, I will keep you posted. > > Will this break incoming opportunistic SSL? No that won't; our previous certificate wasn't trusted by any CA. > Don't other mailers expect the cert to stay the same once they've seen it? No, if they were accepting non-trusted certificates, there is no point in rejecting a trusted one... -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20080515/c1d7a786/attachment.pgp>
