## Jochen Neumeister ([email protected]): > Why are this certificates blacklisted?
Various reasons: - Symantec (which owned Thawte and VeriSign back in the time) made the news in a bad way: https://www.theregister.com/2017/09/12/chrome_66_to_reject_symantec_certs/ - some certificates are simply expired - some certificates use SHA-1 ("sha1WithRSAEncryption") which is beyond deprecated - and basically "whatever Mozilla did", as the certificates are imported from NSS. Regards, Christoph -- Spare Space _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[email protected]"
