CA Certificate is hardcoded
Bug #925713 reported by
Marc Deslauriers
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu One storage protocol |
Won't Fix
|
Undecided
|
Unassigned | ||
Stable-3-0 |
Won't Fix
|
Undecided
|
Unassigned | ||
Trunk |
Won't Fix
|
Undecided
|
Unassigned | ||
ubuntuone-storage-protocol (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
CA certificate used to validate server cert is hardcoded in ubuntuone/
This should use the system /etc/ssl/
visibility: | private → public |
Changed in ubuntuone-storage-protocol (Ubuntu): | |
assignee: | nobody → Ubuntu One Foundations+ team (ubuntuone-foundations+) |
tags: | added: foundations+ |
Changed in ubuntuone-storage-protocol (Ubuntu): | |
status: | New → Confirmed |
To post a comment you must log in.
Because we have to continue shipping the cert .pems anyway, for other platforms, and because OpenSSL has issues with the chaining when reading from ca-certificates .crt, it doesn't seem like trying to get them added to ca-certificates.crt (which seems to have quite a complex process to do), won't affect security at all. And if the cert is changed on the server, validation will fail as-is since the certs would no longer match until we ship an update. Agreed on IRC to just close the bug.