Am 06.09.2011 17:18, schrieb Daniel B. Thurman: > On 09/06/2011 08:08 AM, Pasha R wrote: >> On Tue, Sep 6, 2011 at 5:19 PM, Daniel B. Thurman <dant@xxxxxxxxx> wrote: >>> For EOL FF versions, how can I remove the co-opted >>> Diginotar CA certificate? Instructions given by Mozilla >>> does not remove this certificate. >>> >>> If the root CA's cannot be manually removed, Is there >>> a FF rpm that has the fix? >> Uneducated guess: try running FF as root and then following >> instructions by mozilla > I already explained that the instructions given by Mozilla > does not work. You can try to 'delete' DigiNotar per Mozilla's > instructions, having done that, and going back to check will > show that it still appears. This root CA is a built-in object... > so it cannot be deleted. > > Since there are no updates for end-of-life fedora versions, one > may have to backport the ca-certificates packages, since not > only Firefox is affected but many others such as Seamonkey, > Thunderbird, and many other applications, as Kevin Fenzi wrote. > > Now... I need to figure out how to do a backport of ca-certificates > pkg so if anyone has any idea how this can be done, I am all ears... wget http://kojipkgs.fedoraproject.org/packages/ca-certificates/2011.78/1.fc14/src/ca-certificates-2011.78-1.fc14.src.rpm rpmbuild --rebuild ca-certificates-2011.78-1.fc14.src.rpm
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines