Mailinglist Archive: opensuse-bugs (2150 mails)

< Previous Next >
[Bug 873680] KDE uses outdated certificates

https://bugzilla.novell.com/show_bug.cgi?id=873680

https://bugzilla.novell.com/show_bug.cgi?id=873680#c3


--- Comment #3 from Ruediger Meier <sweet_f_a@xxxxxx> 2014-04-15 12:58:03 UTC
---
(In reply to comment #2)
@Ruediger, Can you let me know how you determined that these are the cert
bundles that KDE4 is using ? Or is this based on the fact that these files
are
installed ?

Just our of curiosity and to see where the improvement should be done.

I was testing all this some months ago
http://lists.opensuse.org/opensuse-factory/2013-07/msg00335.html

Since then I am using symlinks to /etc/ssl/ca-bundle.pem on about 20 machines
(mostly 11.4 and one 13.1) without any problems.

I've opened this bug report just to have a reference for
sr230195
sr230195

Since I think this is also a security hole I'd also like to submit against
13.1:Update. First waiting what Factory says.

@Marcus
I know that /etc/ssl/certs/ would be more nice. Somebody should push this
upstream or evaluate whether it is already possible somehow. But IMO this KDE
kssl/ca-bundle.crt is broken a few years too long already to wait any longer.
Let's go with symlink right now.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
References