| Summary: | Microsec e-Szigno Root CA will soon expire | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Stanislav Zidek <szidek> |
| Component: | ca-certificates | Assignee: | Kai Engert (:kaie) (inactive account) <kengert> |
| Status: | CLOSED UPSTREAM | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.2 | CC: | hkario |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-09-28 15:34:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
Note: also present on RHEL-5 and RHEL-6, I see no point in filing another bugs. The actual certificate is
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
cc:b8:e7:bf:4e:29:1a:fd:a2:dc:66:a5:1c:2c:0f:11
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=HU, L=Budapest, O=Microsec Ltd., OU=e-Szigno CA, CN=Microsec e-Szigno Root CA
Validity
Not Before: Apr 6 12:28:44 2005 GMT
Not After : Apr 6 12:28:44 2017 GMT
Subject: C=HU, L=Budapest, O=Microsec Ltd., OU=e-Szigno CA, CN=Microsec e-Szigno Root CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ed:c8:00:d5:81:7b:cd:38:00:47:cc:db:84:c1:
21:69:2c:74:90:0c:21:d9:53:87:ed:3e:43:44:53:
af:ab:f8:80:9b:3c:78:8d:d4:8d:ae:b8:ef:d3:11:
dc:81:e6:cf:3b:96:8c:d6:6f:15:c6:77:7e:a1:2f:
e0:5f:92:b6:27:d7:76:9a:1d:43:3c:ea:d9:ec:2f:
ee:39:f3:6a:67:4b:8b:82:cf:22:f8:65:55:fe:2c:
cb:2f:7d:48:7a:3d:75:f9:aa:a0:27:bb:78:c2:06:
ca:51:c2:7e:66:4b:af:cd:a2:a7:4d:02:82:3f:82:
ac:85:c6:e1:0f:90:47:99:94:0a:71:72:93:2a:c9:
a6:c0:be:3c:56:4c:73:92:27:f1:6b:b5:f5:fd:fc:
30:05:60:92:c6:eb:96:7e:01:91:c2:69:b1:1e:1d:
7b:53:45:b8:dc:41:1f:c9:8b:71:d6:54:14:e3:8b:
54:78:3f:be:f4:62:3b:5b:f5:a3:ec:d5:92:74:e2:
74:30:ef:01:db:e1:d4:ab:99:9b:2a:6b:f8:bd:a6:
1c:86:23:42:5f:ec:49:de:9a:8b:5b:f4:72:3a:40:
c5:49:3e:a5:be:8e:aa:71:eb:6c:fa:f5:1a:e4:6a:
fd:7b:7d:55:40:ef:58:6e:e6:d9:d5:bc:24:ab:c1:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
Authority Information Access:
OCSP - URI:https://rca.e-szigno.hu/ocsp
CA Issuers - URI:http://www.e-szigno.hu/RootCA.crt
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.21528.2.1.1.1
CPS: http://www.e-szigno.hu/SZSZ/
User Notice:
Explicit Text:
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.e-szigno.hu/RootCA.crl
URI:ldap://ldap.e-szigno.hu/CN=Microsec%20e-Szigno%20Root%20CA,OU=e-Szigno%20CA,O=Microsec%20Ltd.,L=Budapest,C=HU?certificateRevocationList;binary
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Alternative Name:
email:info, DirName:/CN=Microsec e-Szign\xC3\xB3 Root CA/OU=e-Szign\xC3\xB3 HSZ/O=Microsec Kft./L=Budapest/C=HU
X509v3 Authority Key Identifier:
keyid:C7:A0:49:75:16:61:84:DB:31:4B:84:D2:F1:37:40:90:EF:4E:DC:F7
DirName:/C=HU/L=Budapest/O=Microsec Ltd./OU=e-Szigno CA/CN=Microsec e-Szigno Root CA
serial:CC:B8:E7:BF:4E:29:1A:FD:A2:DC:66:A5:1C:2C:0F:11
X509v3 Subject Key Identifier:
C7:A0:49:75:16:61:84:DB:31:4B:84:D2:F1:37:40:90:EF:4E:DC:F7
Signature Algorithm: sha1WithRSAEncryption
d3:13:9c:66:63:59:2e:ca:5c:70:0c:fc:83:bc:55:b1:f4:8e:
07:6c:66:27:ce:c1:3b:20:a9:1c:bb:46:54:70:ee:5a:cc:a0:
77:ea:68:44:27:eb:f2:29:dd:77:a9:d5:fb:e3:d4:a7:04:c4:
95:b8:0b:e1:44:68:60:07:43:30:31:42:61:e5:ee:d9:e5:24:
d5:1b:df:e1:4a:1b:aa:9f:c7:5f:f8:7a:11:ea:13:93:00:ca:
8a:58:b1:ee:ed:0e:4d:b4:d7:a8:36:26:7c:e0:3a:c1:d5:57:
82:f1:75:b6:fd:89:5f:da:f3:a8:38:9f:35:06:08:ce:22:95:
be:cd:d5:fc:be:5b:de:79:6b:dc:7a:a9:65:66:be:b1:25:5a:
5f:ed:7e:d3:ac:46:6d:4c:f4:32:87:b4:20:04:e0:6c:78:b0:
77:d1:85:46:4b:a6:12:b7:75:e8:4a:c9:56:6c:d7:92:ab:9d:
f5:49:38:d2:4f:53:e3:55:90:11:db:98:96:c6:49:f2:3e:f4:
9f:1b:e0:f7:88:dc:25:62:99:44:d8:73:bf:3f:30:f3:0c:37:
3e:d4:c2:28:80:73:b1:01:b7:9d:5a:96:14:01:4b:a9:11:9d:
29:6a:2e:d0:5d:81:c0:cf:b2:20:43:c7:03:e0:37:4e:5d:0a:
dc:59:20:25
The certificate has expired, without any request to replace it. We can wait for upstream to remove it, no further action seems necessary. Closing. |
This is just a tracking bug for expiring CA certificate - Microsec e-Szigno Root CA Certificate: Data: Version: 3 (0x2) Serial Number: 999181308 (0x3b8e4bfc) Signature Algorithm: sha1WithRSAEncryption Issuer: emailAddress=pki, C=EE, O=AS Sertifitseerimiskeskus, CN=Juur-SK Validity Not Before: Aug 30 14:23:01 2001 GMT Not After : Aug 26 14:23:01 2016 GMT Subject: emailAddress=pki, C=EE, O=AS Sertifitseerimiskeskus, CN=Juur-SK Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:81:71:36:3e:33:07:d6:e3:30:8d:13:7e:77:32: 46:cb:cf:19:b2:60:31:46:97:86:f4:98:46:a4:c2: 65:45:cf:d3:40:7c:e3:5a:22:a8:10:78:33:cc:88: b1:d3:81:4a:f6:62:17:7b:5f:4d:0a:2e:d0:cf:8b: 23:ee:4f:02:4e:bb:eb:0e:ca:bd:18:63:e8:80:1c: 8d:e1:1c:8d:3d:e0:ff:5b:5f:ea:64:e5:97:e8:3f: 99:7f:0c:0a:09:33:00:1a:53:a7:21:e1:38:4b:d6: 83:1b:ad:af:64:c2:f9:1c:7a:8c:66:48:4d:66:1f: 18:0a:e2:3e:bb:1f:07:65:93:85:b9:1a:b0:b9:c4: fb:0d:11:f6:f5:d6:f9:1b:c7:2c:2b:b7:18:51:fe: e0:7b:f6:a8:48:af:6c:3b:4f:2f:ef:f8:d1:47:1e: 26:57:f0:51:1d:33:96:ff:ef:59:3d:da:4d:d1:15: 34:c7:ea:3f:16:48:7b:91:1c:80:43:0f:3d:b8:05: 3e:d1:b3:95:cd:d8:ca:0f:c2:43:67:db:b7:93:e0: 22:82:2e:be:f5:68:28:83:b9:c1:3b:69:7b:20:da: 4e:9c:6d:e1:ba:cd:8f:7a:6c:b0:09:22:d7:8b:0b: db:1c:d5:5a:26:5b:0d:c0:ea:e5:60:d0:9f:fe:35: df:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.10015.1.1.1 User Notice: Explicit Text: CPS: http://www.sk.ee/cps/ X509v3 CRL Distribution Points: Full Name: URI:http://www.sk.ee/juur/crl/ X509v3 Subject Key Identifier: 04:AA:7A:47:A3:E4:89:AF:1A:CF:0A:40:A7:18:3F:6F:EF:E9:7D:BE X509v3 Authority Key Identifier: keyid:04:AA:7A:47:A3:E4:89:AF:1A:CF:0A:40:A7:18:3F:6F:EF:E9:7D:BE X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign, CRL Sign Signature Algorithm: sha1WithRSAEncryption 7b:c1:18:94:53:a2:09:f3:fe:26:67:9a:50:e4:c3:05:2f:2b: 35:78:91:4c:7c:a8:11:11:79:4c:49:59:ac:c8:f7:85:65:5c: 46:bb:3b:10:a0:02:af:cd:4f:b5:cc:36:2a:ec:5d:fe:ef:a0: 91:c9:b6:93:6f:7c:80:54:ec:c7:08:70:0d:8e:fb:82:ec:2a: 60:78:69:36:36:d1:c5:9c:8b:69:b5:40:c8:94:65:77:f2:57: 21:66:3b:ce:85:40:b6:33:63:1a:bf:79:1e:fc:5c:1d:d3:1d: 93:1b:8b:0c:5d:85:bd:99:30:32:18:09:91:52:e9:7c:a1:ba: ff:64:92:9a:ec:fe:35:ee:8c:2f:ae:fc:20:86:ec:4a:de:1b: 78:32:37:a6:81:d2:9d:af:5a:12:16:ca:99:5b:fc:6f:6d:0e: c5:a0:1e:86:c9:91:d0:5c:98:82:5f:63:0c:8a:5a:ab:d8:95: a6:cc:cb:8a:d6:bf:64:4b:8e:ca:8a:b2:b0:e9:21:32:9e:aa: a8:85:98:34:81:39:21:3b:a8:3a:52:32:3d:f6:6b:37:86:06: 5a:15:98:dc:f0:11:66:fe:34:20:b7:03:f4:41:10:7d:39:84: 79:96:72:63:b6:96:02:e5:6b:b9:ad:19:4d:bb:c6:44:db:36: cb:2a:9c:8e