cURL / Mailing Lists / curl-library / Single Mail


RSA1024 cacert cleanups

From: Daniel Stenberg <>
Date: Fri, 5 Sep 2014 08:02:16 +0200 (CEST)

Hey all,

Just for information to all: Mozilla has recently removed weak certs from the
CA certs bundle. Weak, in the meaning that they used 1024 bit RSA.

If you download the latest cacert bundle from the curl site
( right now, you'll see that sites no longer gets verified fine. I guess that it goes for
a few other sites too.


Blogged by Kai Engert here:

The removed certs are somewhat detailed in the recent NSS release notes:

Finally: while I am employed by Mozilla I am not at all involed in the CA cert

List admin:
Received on 2014-09-05