5209R/5210R: SSL related YUM updates

Posted by: mstauber Category: General

YUM updates related to Let's Encrypts expired root certificate have been published.

In response to [BlueOnyx:25128] (and following) I just published YUM updates for BlueOnyx 5209R and 5210R:

Click to see the code changes in SVN

base-email:

Modified glue/handlers/copy_certs.pl to conditionally merge ca-cert into dovecot.pem - provided we have intermediates.

This takes care of the fact that Dovecot doesn't use the intermediate ca.pem (via the "ssl_ca" line) when Dovecot acts as a server. Merging the ca.pem into dovecot.pem helps us to get around that.

base-ssl:

Updated ACME to the latest version (3.0.1), added requirement for the "socat" RPM (now required by ACME) and automatically set ACME's default-ca to "letsencrypt" to use the new LE API URLs.


Return
General
Sep 30, 2021 Category: General Posted by: mstauber
Previous page: Development Blog Next page: Mailing List Archive