Preparing for DST Root CA X3 expiration (September 2021)

### Tasks

- [ ] Update `ca-certs` package.
  - [ ] Blacklist DST Root CA X3 so any self built old copies of OpenSSL or GnuTLS should work after September 30, 2021.
- [ ] Drop `openssl+1.0` since it's no longer used by any package.

### Regression

> Connectivity to "DST Root CA X3" websites only, even under faketime set to dates prior to 30th of September 2021 will not work, as "DST Root CA X3" certificate is no longer installed. users should locally install and enable that CA certificate, or allow dangerous unverified connectivity to websites using expired CA certs.

### See also

- [Help thread for DST Root CA X3 expiration (September 2021)](https://community.letsencrypt.org/t/help-thread-for-dst-root-ca-x3-expiration-september-2021/149190)
- [Distrust "DST Root CA X3"](https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1944481)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Preparing for DST Root CA X3 expiration (September 2021) #3471

Tasks

Regression

See also

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Preparing for DST Root CA X3 expiration (September 2021) #3471

Description

Tasks

Regression

See also

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions