4 Certificates expired, 3 expiring soon in cacert.pem
vlours opened this issue · 0 comments
Hi Vox,
First of all, thank you for this module. It's working fine. No Issue using with it.
Unfortunately, we are running a script to check the expiration of the certificates in our Puppet environments.
The script has detected a couple of expired/expiring certificate from the file:
- archive/lib/puppet_x/bodeco/cacert.pem
I'm sure it's not a big deal to get these certificates updated (or deleted if no longer required)
Affected Puppet, Ruby, OS and module versions/distributions
- Module version: 4.0.0.0
How to reproduce (e.g Puppet code you use)
- Check the content of the cacert.pem file:
openssl crl2pkcs7 -nocrl -certfile lib/puppet_x/bodeco/cacert.pem | openssl pkcs7 -print_certs -text -noout
What are you seeing
The file lib/puppet_x/bodeco/cacert.pem includes 155 certificates.
Expired Certificates
| 2017-08-21 | T\xC3\x9CB\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1 - S\xC3\xBCr\xC3\xBCm 3 |
| 2017-11-20 | DST ACES CA X6 |
| 2017-12-22 | T\xC3\x9CRKTRUST Bilgi \xC4\xB0leti\xC5\x9Fim ve Bili\xC5\x9Fim G\xC3\xBCvenli\xC4\x9Fi Hizmetleri A.\xC5\x9E. (c) Aral\xC4\xB1k 2007 |
| 2019-03-04 | GeoTrust Global CA 2 |
Expiring in the next 30 days:
| 2019-07-06 | Class 2 Primary CA |
| 2019-07-09 | Deutsche Telekom Root CA 2 |
| 2019-07-09 | UTN-USERFirst-Hardware |
In next years:
I've also extracted the certificates expiring in the next 5 years, to provide you an planning of renewal from this file:
| 2020-03-25 | Staat der Nederlanden Root CA - G2 |
| 2020-05-30 | AddTrust Class 1 CA Root |
| 2020-05-30 | AddTrust External CA Root |
| 2020-05-30 | AddTrust Public CA Root |
| 2020-05-30 | AddTrust Qualified CA Root |
| 2020-12-25 | PSCProcert |
| 2021-03-17 | QuoVadis Root Certification Authority |
| 2021-04-06 | Sonera Class2 CA |
| 2021-09-30 | DST Root CA X3 |
| 2021-12-15 | Cybertrust Global Root |
| 2021-12-15 | GlobalSign |
| 2022-05-21 | GeoTrust Global CA |
| 2022-06-24 | Visa eCommerce Root |
| 2022-12-08 | Staat der Nederlanden EV Root CA |
| 2023-03-03 | E-Tugra Certification Authority |
| 2023-04-28 | T\xC3\x9CRKTRUST Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xC4\xB1c\xC4\xB1s\xC4\xB1 H5 |
| 2023-05-15 | Hongkong Post Root CA 1 |
| 2023-09-30 | SECOM Trust.net, |
| 2024-01-21 | Trustis Limited, |
What behaviour did you expect instead
No expired certificates.
Output log
Any additional information you'd like to impart
This issue is purely informative. There is no impact in our side.
You may have to link in the documentation the way to regenerate this file.
Cheers,
Vincent