On Monday 25 August 2008 09:56:10 am Dmitry Butskoy wrote:
Dmitry Butskoy wrote:
Dennis Gilmore wrote:
Effective immediately we have replaced the CA that is in use for cvs.fedoraproject.org and koji.fedoraproject.org This effects uploading to lookaside cache and building packages.
There are some manual steps that everyone needs to do to be able to use the systems again.
they are login to https://admin.fedoraproject.org/accounts/ and click on the "Download a client-side certificate" link at the bottom of the home page. save the output to ~/.fedora.cert
rm ~/.fedora-server-ca.cert ~/.fedora-upload-ca.cert fedora-packager-setup
According to the "fedora-packager-setup" script, the sources for these two certificates are: https://admin.fedoraproject.org/accounts/fedora-server-ca.cert and https://admin.fedoraproject.org/accounts/fedora-upload-ca.cert respectively.
<snip>
Perhaps the binary data (incapsulated in the base64 form) is OK, but the fact that there are such strange "in general" and strange "invisible" garbage in the security-sensitive data causes people at least to ask about it...
ive had one other report of the certs being weird looking. and i was unable to reproduce the issue. they look fine to me in all sources. from the original all the way through what ive downloaded in the three exposed places. what did you use to open them?
...and both of the certificate are identical (previously were different)?
yes we were using 2 CA's previously. now we only use one.
the ca cert is also linked https://admin.fedoraproject.org/fingerprints
Dennis