Thread 'Warning: Verisign/Symantec Class 3 Public Primary CA root certificate being dropped from ca-bundle.crt'
Message boards : BOINC client : Warning: Verisign/Symantec Class 3 Public Primary CA root certificate being dropped from ca-bundle.crt
Message board moderation
| Author | Message |
|---|---|
 Jord Send message Joined: 29 Aug 05 Posts: 15585 
|
Due to Google moving to distrust the “Class 3 Public Primary CA” root certificate operated by Symantec Corporation, we're removing the Symantec/Verisign Class 3 Public Primary CA root certificate from ca-bundle.crt, bundled with BOINC clients. Things you can expect that will happen due to this removal: - In the worst case ‘one additional certificate authority’ is trusted by the BOINC client that browsers do not trust. Volunteers would be more annoyed with their browser not working against a project server than with the BOINC client that is working. - By removing the cert, we potentially can cause a problem where new clients stop working while the browser continues to work for a few weeks (until the various vendors remove the root CA certificate from their root stores). - The more common scenario will be that new clients stop working against a project. Making a backup copy of your old ca-bundle.crt (in the BOINC Program directory) and putting it back in place for the new certificate file may overcome this, until the project catches up. Open discussion thread available here. ID: 66114 ·  |
|
Jord Send message Joined: 29 Aug 05 Posts: 15585
|
Rom Walton wrote: I’ve removed the old root CA from the bundle. ID: 66116 · |
Copyright © 2025 University of California.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License,
Version 1.2 or any later version published by the Free Software Foundation.