Ingo Flaschberger <[email protected]> writes: > the Thawte Premium Server CA is missing. > > Details: > https://www.thawte.com/roots/ > Root 2 > Thawte Premium Server CA > > openssl s_client -CAfile /usr/local/share/certs/ca-root-nss.crt > -showcerts -connect ssltest28.bbtest.net:443 > Verify return code: 21 (unable to verify the first certificate)
Likely intentional. Also, neither gecko@ nor ports-secteam@ wants to be responsible for verifying Root CAs. https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/ https://svnweb.freebsd.org/changeset/ports/215953 > > with cert: > Verify return code: 0 (ok) > > Kind regards, > Ingo Flaschberger
signature.asc
Description: PGP signature
