Everything is fine with PKI and SSL certificates. It was a bug in OpenSSL 1.0.1 ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

pixmin on May 30, 2020 | parent | context | favorite | on: CA Root expired on 30 May 2020

Everything is fine with PKI and SSL certificates. It was a bug in OpenSSL 1.0.1 / 1.0.2 in dealing with two times cross-signed root CA. It is fixed in 1.1.1, but these older versions are still default on RHEL6/RHEL7/Centos6/Centos7 and even Ubuntu16.04.

I think a large portion of online communications have been affected today.

josephcsible on May 31, 2020 [–]

It's really ironic that only "stable" distros were affected by this, and that distros with software closer to bleeding-edge worked fine through it.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact