Because we have to continue shipping the cert .pems anyway, for other platforms, and because OpenSSL has issues with the chaining when reading from ca-certificates.crt, it doesn't seem like trying to get them added to ca-certificates.crt (which seems to have quite a complex process to do), won't affect security at all. And if the cert is changed on the server, validation will fail as-is since the certs would no longer match until we ship an update. Agreed on IRC to just close the bug.
** Changed in: ubuntuone-storage-protocol/trunk Status: New => Won't Fix ** Changed in: ubuntuone-storage-protocol/stable-3-0 Status: New => Won't Fix ** Changed in: ubuntuone-storage-protocol Status: New => Won't Fix ** Changed in: ubuntuone-storage-protocol (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: ubuntuone-storage-protocol (Ubuntu) Assignee: Ubuntu One Foundations+ team (ubuntuone-foundations+) => (unassigned) ** This bug is no longer flagged as a security vulnerability -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/925713 Title: CA Certificate is hardcoded To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntuone-storage-protocol/+bug/925713/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs