-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update expired SCT certificates #18444
Conversation
Is it worth documenting somewhere how you generated these? |
(Agree urgent) |
Aargh something more is needed. |
This won't apply to 1.1.1. We'll need another PR for that branch. |
@mattcaswell can you please re-approve. |
Ping for second review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, agree it's urgent
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reconfirm
Why is there so much less in this PR compared to the 1.1.1 version? |
Because of b98efeb. Some certificates were regenerated to be SHA256 signed and have an expiry of Jan 26 11:50:13 2120 GMT. It originally landed to 1.1.1 but soon got reverted. |
Merged to master and 3.0 branches. Thank you for the reviews. |
I just renewed the existing cert with |
This appears to have broken the build for 3.0. See #18447 for details. |
That'll be f9f3096 rather than this one. |
Well, due to leap years, 100 years lifetime would have been 24 days more 😉 |
Fixes openssl#15179 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from openssl#18444) (cherry picked from commit 770aea8) (cherry picked from commit 338123c)
Fixes #15179