F-EOL versions of Firefox: How to remove co-opted Diginotar CA?
Daniel B. Thurman
dant at cdkkt.com
Tue Sep 6 16:10:49 UTC 2011
On 09/06/2011 08:52 AM, Tom Horsley wrote:
> On Tue, 06 Sep 2011 08:18:34 -0700
> Daniel B. Thurman wrote:
>
>> Now... I need to figure out how to do a backport of ca-certificates
>> pkg so if anyone has any idea how this can be done, I am all ears...
> My approach would be to download the source RPM for the old fedora,
> do an rpmbuild -bp, then substitute the certificate data from
> the source rpm for the new fedora and pick up the rpmbuild after
> the -bp stage to really make the rpms with the patched certs.
I am assuming that I could edit: ca-bundle.crt, remove
DigiNotar section, then proceed with a rebuild of Firefox?
Does rebuilding of FF (and Thunderbird) pickup ca-bundle.crt
for it's root CA?
More information about the users
mailing list