[Pkg-openssl-devel] Bug#642314: Bug#642314: Bug#628780: Wrong hash link to cacert.org.pem and wron certificat hash handling at all

[Kurt Roeckx]

On Thu, Sep 22, 2011 at 10:15:50AM +0200, Loïc Minier wrote:
>  Just thought of another minor issue with the new c_rehash handling
>  multiple certs in the same file: when a piece of software follows the
>  hashed symlink, the certificate it's looking for might not be the first
>  one.  Is this verified to work with gnutls and openssl implementations?
>  I wonder whether this could confuse some software in Debian that might
>  be using the ssl API in a way that only the first certificate is tried.

So I would like to drop the patch, but cacert.org.pem still
contains 2 cert files.

Michael, could you please consider splitting that file?


Kurt