On 06/02/18 08:01, Eyal Lebedinsky wrote:
As of a month ago I started getting warnings from certwatch saying
The certificate for Certificate Shack has expired
and
The certificate for Frank Alpha has expired
which have now expired a week ago.
I wanted to find out who these hosts are and should I care about the expired
certs.
So far I found these two (and no others) mentioned in the file
-rw-r----- 1 root apache 65536 Jan 26 2014 /etc/httpd/alias/cert8.db
which is an old file which seems to be part of the mod_nss package.
Are these real certs? Test ones left there for no reason?
If they are not needed then what is the correct way to remove them, short of
removing the nss_mod module.
TIA
Anyone?
More information:
- system is fc26.x86_64
- still getting the messages after reinstall:
$ dnf provides /etc/httpd/alias/cert8.db
Last metadata expiration check: 15 days, 0:01:31 ago on Fri Jan 26 09:10:21
2018.
mod_nss-1.0.14-3.fc26.x86_64 : SSL/TLS module for the Apache HTTP server
Repo : @System
Matched from:
Filename : /etc/httpd/alias/cert8.db
mod_nss-1.0.14-3.fc26.x86_64 : SSL/TLS module for the Apache HTTP server
Repo : fedora
Matched from:
Filename : /etc/httpd/alias/cert8.db
$ sudo reinstall mod_nss
Reinstalling:
mod_nss x86_64 1.0.14-3.fc26 fedora 113 k
Reinstalled:
mod_nss.x86_64 1.0.14-3.fc26
--
Eyal Lebedinsky (fed...@eyal.emu.id.au)
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
