Bug 1472932 - RHEL 6: Update ca-certificates to remove code signing trust from all CAs (upstream decision)
RHEL 6: Update ca-certificates to remove code signing trust from all CAs (ups...
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ca-certificates (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Kai Engert (:kaie)
BaseOS QE Security Team
Depends On:
  Show dependency treegraph
Reported: 2017-07-19 11:50 EDT by Kai Engert (:kaie)
Modified: 2017-12-06 06:30 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-12-06 06:30:21 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kai Engert (:kaie) 2017-07-19 11:50:50 EDT
Mozilla has stopped supporting code signing trust, and the next update will remove all the trust bits related to code signing.

(Only the TLS/server trust and email security bits will remain.)

We should make this change in the next y-stream release.
Comment 2 Jan Kurik 2017-12-06 06:30:21 EST
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.

The official life cycle policy can be reviewed here:


This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL:


Note You need to log in before you can comment on or make changes to this bug.