Certificates not valid in /etc/pki/ca-trust/source/ca-bundle.legacy.crt or expire soon
Issue
- Some certificates in
/etc/pki/ca-trust/source/ca-bundle.legacy.crt
, delivered byca-certificate
package, appear to expire after a close date - Tools like
x509watch
may print warning messages about this:
/etc/pki/ca-trust/source/ca-bundle.legacy.crt (Equifax Secure Certificate Authority) is not valid after 2018-08-22
/etc/pki/ca-trust/source/ca-bundle.legacy.crt (GTE CyberTrust Global Root) is not valid after 2018-08-13
Environment
RHEL 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.