On Monday 25 August 2008 09:56:10 am Dmitry Butskoy wrote:
Dmitry Butskoy wrote:
> Dennis Gilmore wrote:
>> Effective immediately we have replaced the CA that is in use for
>>
cvs.fedoraproject.org and
koji.fedoraproject.org This effects
>> uploading to lookaside cache and building packages.
>>
>> There are some manual steps that everyone needs to do to be able to
>> use the systems again.
>>
>> they are login to
https://admin.fedoraproject.org/accounts/ and
>> click on the "Download a client-side certificate" link at the bottom
>> of the home page. save the output to ~/.fedora.cert
>>
>> rm ~/.fedora-server-ca.cert ~/.fedora-upload-ca.cert
>> fedora-packager-setup
>
> According to the "fedora-packager-setup" script, the sources for these
> two certificates are:
>
https://admin.fedoraproject.org/accounts/fedora-server-ca.cert
> and
>
https://admin.fedoraproject.org/accounts/fedora-upload-ca.cert
> respectively.
>
<snip>
>
> Perhaps the binary data (incapsulated in the base64 form) is OK, but
> the fact that there are such strange "in general" and strange
> "invisible" garbage in the security-sensitive data causes people at
> least to ask about it...
ive had one other report of the certs being weird
looking. and i was unable to
reproduce the issue. they look fine to me in all sources. from the original
all the way through what ive downloaded in the three exposed places. what did
you use to open them?
...and both of the certificate are identical (previously were
different)?
yes we were using 2 CA's previously. now we only use one.
the ca cert is also linked
https://admin.fedoraproject.org/fingerprints
Dennis