On 09/06/2011 08:08 AM, Pasha R wrote: > On Tue, Sep 6, 2011 at 5:19 PM, Daniel B. Thurman <dant@xxxxxxxxx> wrote: >> For EOL FF versions, how can I remove the co-opted >> Diginotar CA certificate? Instructions given by Mozilla >> does not remove this certificate. >> >> If the root CA's cannot be manually removed, Is there >> a FF rpm that has the fix? > Uneducated guess: try running FF as root and then following > instructions by mozilla I already explained that the instructions given by Mozilla does not work. You can try to 'delete' DigiNotar per Mozilla's instructions, having done that, and going back to check will show that it still appears. This root CA is a built-in object... so it cannot be deleted. Since there are no updates for end-of-life fedora versions, one may have to backport the ca-certificates packages, since not only Firefox is affected but many others such as Seamonkey, Thunderbird, and many other applications, as Kevin Fenzi wrote. Now... I need to figure out how to do a backport of ca-certificates pkg so if anyone has any idea how this can be done, I am all ears... -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
