Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 1 subscriber
  • Views 3726 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL spoof DIGINOTAR, COMODO - does Astaro remove root certs?

denko2k
Dear All!

referring to the news Microsoft, Google and Mozilla removed root certificates from the Dutch CA “DIGINOTAR”. Also a few weeks ago, root certs from COMODO have been removed.

Google users in Iran targeted in SSL spoof | InSecurity Complex - CNET News

How does Astaro deal with it?

In 
Web Security >> Web Filtering >> HTTPS CAs
does Astaro remove the certs by pattern updates? Do I have to do it myself?
Where can I find official information about how Astaro deals with that problems?


This thread was automatically locked due to age.
Parents
  • 0
    I dimly recall at some time in the past a certificate needed to be removed due to a problem.  I've been trying to find a post about it, but have been unsuccessful.  The shell commands to do this manually were provided, but for general availability it did require an up2date push to resolve.  Or maybe my addled brain is just remembering incorrectly.  [:)]
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • 0 in reply to Scott_Klassen
    denko2k, I dont' think they have a mechanism in place currently that removes revoked CAs... that is definitely something they should add... you might want to go to feature.astaro.com and post a request.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to Scott_Klassen
    denko2k, I dont' think they have a mechanism in place currently that removes revoked CAs... that is definitely something they should add... you might want to go to feature.astaro.com and post a request.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Cookie Information Banner