-
Type:
Enhancement
-
Resolution: Won't Fix
-
Priority:
P4
-
None
-
Affects Version/s: 5.0, 7
-
Component/s: security-libs
-
x86
-
windows_xp, windows_7
A DESCRIPTION OF THE REQUEST :
The StartCom root certificate is currently missing from cacerts, which means that any SSLSocket connecting to a server which has a certificate provided by this CA will throw an error by default.
JUSTIFICATION :
I believe that having this root certificate in cacerts will make life easier for those of us who run servers whose certificates are provided by this CA.
StartCom has gone through a third party audit which was enough to allow Mozilla to include their root certificate, so I think we can consider them as trustworthy.
CUSTOMER SUBMITTED WORKAROUND :
One workaround is to manually add the certificate to cacerts (complex, but quite possible.) Another workaround is to use a nulled out TrustManager to accept all certificates.
The StartCom root certificate is currently missing from cacerts, which means that any SSLSocket connecting to a server which has a certificate provided by this CA will throw an error by default.
JUSTIFICATION :
I believe that having this root certificate in cacerts will make life easier for those of us who run servers whose certificates are provided by this CA.
StartCom has gone through a third party audit which was enough to allow Mozilla to include their root certificate, so I think we can consider them as trustworthy.
CUSTOMER SUBMITTED WORKAROUND :
One workaround is to manually add the certificate to cacerts (complex, but quite possible.) Another workaround is to use a nulled out TrustManager to accept all certificates.
- duplicates
-
-
- Closed
-