Skip to Content [alt-c]
In reply to Fixing the Breakage from the AddTrust External CA Root Expiration
Are you aware that there is at least one other current Root CA which used to be cross-signed by "AddTrust External CA Root" - "COMODO RSA Certification Authority"? (https://crt.sh/?id=1720081, old cross-signed cert is https://crt.sh/?id=1044348)
Additionally there is another variant of the "USERTrust RSA Certification Authority" cert (https://crt.sh/?id=1282303295) issued by the "AAA Certificate Services" Root CA (https://crt.sh/?id=331986). That one should still be valid until 2028.
However, cURL on macOS 10.14 (built against LibreSSL 2.6.5) also fails to connect to servers sending a security chain containing the latter. This is interesting, since "AddTrust External CA Root" never occurs in that chain. One example for it is https://electroncash.org/.
Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.
Your Name: (Optional; will be published)
Your Email Address: (Optional; will not be published)
Your Website: (Optional; will be published)
>
monospaced
Post a Reply
Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.