cacert-webdb/pages/index/3.php
Wytze van der Raay 21ffacf9f2 Fixes for https://bugs.cacert.org/view.php?id=1305:
CAcert Class1 root certificate needs to be reissued with
an updated CDP and a SHA-based signature.
See the message thread preserved in
https://lists.cacert.org/wws/arc/cacert-systemlog/2016-03/
for more information on the re-signed root certificates
installed and enabled by this commit.
2019-04-10 09:37:24 +00:00

98 lines
3.8 KiB
PHP

<? /*
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<p><?=sprintf(_("You are bound by the %s Root Distribution Licence %s for any re-distributions of CAcert's roots."),"<a href='/policy/RootDistributionLicense.html'>","</a>")?></p>
<h3><?=_("Class 1 PKI Key")?></h3>
<ul class="no_indent">
<li><a href="certs/root_X0F.crt"><?=_("Root Certificate (PEM Format)")?></a></li>
<li><a href="certs/root_X0F.der"><?=_("Root Certificate (DER Format)")?></a></li>
<li><a href="certs/root_X0F.txt"><?=_("Root Certificate (Text Format)")?></a></li>
<li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/revoke.crl">CRL</a></li>
<li><?=_("SHA256 fingerprint:")?> 07ED BD82 4A49 88CF EF42 15DA 20D4 8C2B 41D7 1529 D7C9 00F5 7092 6F27 7CC2 30C5</li>
<li><?=_("SHA1 fingerprint:")?> DDFC DA54 1E75 77AD DCA8 7E88 27A9 8A50 6032 52A5</li>
</ul>
<h3><?=_("Class 3 PKI Key")?></h3>
<ul class="no_indent">
<li><a href="certs/class3_X0E.crt"><?=_("Intermediate Certificate (PEM Format)")?></a></li>
<li><a href="certs/class3_X0E.der"><?=_("Intermediate Certificate (DER Format)")?></a></li>
<li><a href="certs/class3_X0E.txt"><?=_("Intermediate Certificate (Text Format)")?></a></li>
<li><a href="<?=$_SERVER['HTTPS']?"https":"http"?>://crl.cacert.org/class3-revoke.crl">CRL</a></li>
<li><?=_("SHA256 fingerprint:")?> F687 3D70 D675 96C2 ACBA 3440 1E69 738B 5270 1DD6 AB06 B497 49BC 5515 0936 D544</li>
<li><?=_("SHA1 fingerprint:")?> A7C4 8FBE 6B02 6DBD 0EC1 B465 B88D D813 EE1D EFA0</li>
</ul>
<h3><?=_("GPG Key")?></h3>
<ul class="no_indent">
<li><a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a></li>
<li><?=_("GPG Key ID:")?> 0x65D0FD58</li>
<li><?=_("Fingerprint:")?> A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58</li>
</ul>
<?php if ( false ) { ?>
/**
Since we don't seem to have a way to GPG sign our current key, we have, at least temporarily, removed this.
https://bugs.cacert.org/view.php?id=1305#c5784
**/
<h4><?=_("PKI fingerprint signed by the CAcert GPG Key")?></h4>
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
For most software, the fingerprint is reported as:
A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B
Under MSIE the thumbprint is reported as:
135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/VtRZ0rsNAWXQ/VgRAphfAJ9jh6TKBDexG0NTTUHvdNuf6O9RuQCdE5kD
Mch2LMZhK4h/SBIft5ROzVU=
=R/pJ
-----END PGP SIGNATURE-----
</pre>
<?php } ?>
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA)
Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
sub 2048g/113ED0F2 2003-07-11 [expires: 2033-07-03]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCEDLN0rsNAWXQ/VgRArhhAJ9EY1TJOzsVVuy2lL98CoKL0vnJjQCfbdBk
TG1yj+lkktROGGyn0hJ5SbM=
=tXoj
-----END PGP SIGNATURE-----
</pre>
<h3><?=_("History")?></h3>
<p>
<? printf(_('An overview over all CA certificates ever issued can be found in '.
'%sthe wiki%s.'),
'<a href="//wiki.cacert.org/Roots/StateOverview">',
'</a>') ?>
</p>