A few fedora-packager releases ago, i added a utility to fedora-packager called fedora-cert. its intended as a utility to check that your cert is good and download a new one when needed. Ive not touted it since the verification of certificates is incomplete. pyOpenSSL doesnt have CRL support so i cant check to see if your certificate is revoked or not (there is about 10 implementations upstream waiting to be decided upon). What does work is “fedora-cert -n” which will get you a new certificate and save it in place. you just then need to run fedora-packager-setup.

since lots of peoples certificates are about to expire i wanted to get work out there that this is an option for you. rather than downloading the cert from the browser and manually putting in place. Down the road I want to make this a library so that fedora-packager-setup will let you do everything in one step. but you can verify your cert manually and fedora-cvs can tell you that your certs has expired, been revoked or is about to expire. So please give it a whirl and report bugs.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.