From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031030 Description of problem: the intermediate Verisign certificate has expired (was valid 4/16/97 through 1/7/04). I either have to update the intermediate certificate myself (which I did already) or RedHat should put out a new package with the updated intermediate certificate. Version-Release number of selected component (if applicable): apache-1.3.27-6.ent How reproducible: Always Steps to Reproduce: 1. Install verisign certificate 2. Browse to server 3. Actual Results: Received security notice that certificate is either expired or is not yet valid. Expected Results: no messages, just surf normally Additional info: It was fairly easy to update (fix), but it might be good to release an update anyway for those people who don't want to or can't spend the time to manually update each machine they have. Also, I have not checked RHEL3; I just noticed it on this one machine that uses a certificate.
sorry; I later realized it should be mod_ssl and not apache since the CA bundle is shipped with mod_ssl
<sigh> and the mod_ssl version is currently mod_ssl-2.8.12-3
The intermediate cert which expired was not shipped in the root CA bundle /etc/httpd/conf/ssl.crt/ca-bundle.crt nor anywhere else in the mod_ssl package that I'm aware of.
This bug is filed against RHEL2.1, which is in maintenance phase. During the maintenance phase, only security errata and select mission critical bug fixes will be released for enterprise products. Since this bug does not meet that criteria, it is now being closed. For more information of the RHEL errata support policy, please visit: http://www.redhat.com/security/updates/errata/ If you feel this bug is indeed mission critical, please contact your support representative. You may be asked to provide detailed information on how this bug is affecting you.