SSL cert for pidgin.im expires in one week
Daniel Atallah
daniel.atallah at gmail.com
Mon Sep 15 11:20:07 EDT 2014
On Wed, Sep 10, 2014 at 4:37 PM, Daniel Atallah <daniel.atallah at gmail.com>
wrote:
> I'm planning on getting a new one this weekend.
>
> I'm not sure what our options are related to the SHA-1 signature are with
> StartCom.
>
I installed the upgraded cert with a SHA-256 signature this morning.
https://www.ssllabs.com/ssltest/analyze.html?d=pidgin.im
The intermediate cert still is SHA-1 signed - it doesn't look like StartCom
has SHA-256 versions of these yet (although they do for their root cert).
On Wed, Sep 10, 2014 at 3:51 PM, Elliott Sales de Andrade <qulogic at pidgin.im
> wrote:
> On 10 September 2014 14:57, Mark Doliner <mark at kingant.net> wrote:
>
>> Specifically it expires on Sept 18. Looks like we're currently using a
>> cert from StartCom. Anyone want to look into getting a new one? Looks
>> like maybe Daniel Atallah did it last time.
>>
>>
> Presumably, we should try and get one without a SHA-1 signature
> considering most major browsers will start warning about them soon. Since
> our certs are usually 2 years, we're technically safe from any full
> deprecations, but Chrome will start considering it “secure, but with minor
> errors” by November.
>
> --
> Elliott aka QuLogic
> Pidgin developer
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im
> https://pidgin.im/cgi-bin/mailman/listinfo/devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/pipermail/devel/attachments/20140915/79cf03ff/attachment.html>
More information about the Devel
mailing list