Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update cacert.pem (used for validating SSL connections) #13094

Merged
merged 1 commit into from Jun 28, 2018
Merged

Update cacert.pem (used for validating SSL connections) #13094

merged 1 commit into from Jun 28, 2018

Conversation

mattab
Copy link
Member

@mattab mattab commented Jun 22, 2018

Used for validating SSL connections within Matomo.

@mattab mattab added c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Needs Review PRs that need a code review labels Jun 22, 2018
@mattab mattab added this to the 3.6.0 milestone Jun 22, 2018
sgiehl
sgiehl reviewed Jun 24, 2018
View reviewed changes
core/DataFiles/cacert.pem
@@ -1,14 +1,13 @@
## How to update this file
## - download latest from https://curl.haxx.se/ca/cacert.pem
## - Paste the content below this comment
## - Leave in there also the Let's encrypt certificate (the first one in the list)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was it on purpose to remove the let's encrypt certificate?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As far as I know the let's encrypt CA is already trusted by every major CA so there should be no reason to additionally add it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If that's the case, it should be good to merge.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess if this breaks anything (which it shouldn't unless something is already broken) is something we will only find out after many users are testing the beta.

Copy link
Contributor

@fdellwing fdellwing Jun 24, 2018
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LE is crosssigned by IdenTrust which is trusted by everything (important) newer than windows XP >SP3.

@sgiehl sgiehl merged commit d4b8076 into 3.x-dev Jun 28, 2018
@sgiehl sgiehl deleted the cacert_update branch June 28, 2018 12:49
@mattab mattab changed the title Update cacert.pem Update cacert.pem (used for validating SSL connections) Aug 28, 2018
InfinityVoid pushed a commit to InfinityVoid/matomo that referenced this pull request Oct 11, 2018
@mattab @InfinityVoid
Update cacert.pem (matomo-org#13094)
353048e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sgiehl sgiehl sgiehl left review comments

@Findus23 Findus23 Findus23 left review comments

@fdellwing fdellwing fdellwing left review comments

Assignees
No one assigned
Labels
c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. Needs Review PRs that need a code review
Projects
None yet
Milestone
3.6.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mattab @sgiehl @Findus23 @fdellwing