Update subdomain-revoked.pem. Addresses #404.
#410
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Since the previous certificate was, well... revoked, we can't get a cert with the same private key. We'll have to add the new key to the revocation lists before this works.
|
@ericlaw1979, any chance you could get this key/cert added to Microsoft's CRL? :-D |
christhompson
approved these changes
Oct 7, 2019
|
This is now deployed. I've landed CLs to update the preloaded blocklist in Chrome and the CRLSet component. It may take ~1 day of the CRLSet to push out and reach most Chrome installs, so for now revoked.badssl.com may appear marked "Secure" in Chrome. |
aarongable
pushed a commit
to chromium/chromium
that referenced
this pull request
Oct 9, 2019
We're updating the certificate for revoked.badssl.com (the previous certificate expired on 2019/09/11) in chromium/badssl.com#410, and we should likewise update the certificate/SPKI in the blocklist. We are also updating the manually added list in CRLSet. Change-Id: I95c50250cc0139cf82dac214c785efa2704ea599 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1846018 Reviewed-by: Adam Langley <[email protected]> Commit-Queue: Christopher Thompson <[email protected]> Cr-Commit-Position: refs/heads/master@{#704364}
april
added a commit
to april/badssl.com
that referenced
this pull request
Jan 16, 2020
* 'master' of https://github.com/chromium/badssl.com: (175 commits) Add (known|blocked)-interception.badssl.com tests (chromium#423) Update `10000-sans`. (chromium#420) Rename subdomain-no-sct.crt to subdomain-no-sct.pem Add missing common in sets.js Mark DHE as bad or dubious (chromium#398) Add `no-sct.badssl.com`. Addresses chromium#275. (chromium#409) Update chain for `subdomain-1000-sans.pem`. Closes chromium#383. (chromium#408) Update `subdomain-revoked.pem`. Addresses chromium#404. (chromium#410) Add page with 🔒 in title (chromium#388) Explicitly send the self-signed root for untrusted-root (chromium#397) [web-payment] Print API return values and exceptions in the footer. (chromium#392) Tweak formatting for client cert passwords (chromium#385) Add descriptions to the dashboard sections. (chromium#371) Remove hyphens from dh domain pages. Fixes chromium#379 (chromium#380) Add incomplete chain description in footer. (chromium#366) Fix redirect port for `tls-v1-2`. (chromium#362) Export environment variables in the Makefile (chromium#355) Flip cert chain order for wildcard-rsa4096.pem (chromium#353) Add EV certificate (chromium#352) Update subdomain-extended-validation.conf ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Since the previous certificate was, well... revoked, we can't get a cert with the same private key. We'll have to add the new key to the revocation lists before this works.