Arch-announce

Download

arch-announce@lists.archlinux.org

December 2014

1 participants
2 discussions

[arch-announce] ca-certificates update
by Arch Linux: Recent news updates: Jan Steffens 11 Dec '14

11 Dec '14

The way local CA certificates are handled has changed. If you have added any locally trusted certificates: 1. Move /usr/local/share/ca-certificates/*.crt to /etc/ca-certificates/trust- source/anchors/ 2. Do the same with all manually-added /etc/ssl/certs/*.pem files and rename them to *.crt 3. Instead of `update-ca-certificates`, run `trust extract-compat` Also see `man 8 update-ca-trust` and `trust --help`. URL: https://www.archlinux.org/news/ca-certificates-update/

1 0

[arch-announce] GnuPG-2.1 and the pacman keyring
by Arch Linux: Recent news updates: Gaetan Bisson 08 Dec '14

08 Dec '14

The upgrade to gnupg-2.1 ported the pacman keyring to a new upstream format but in the process rendered the local master key unable to sign other keys. This is only an issue if you ever intend to customize your pacman keyring. We nevertheless recommend all users fix this by generating a fresh keyring. In addition, we recommend installing haveged, a daemon that generates system entropy; this speeds up critical operations in cryptographic programs such as gnupg (including the generation of new keyrings). To do all the above, run as root: pacman -Syu haveged systemctl start haveged systemctl enable haveged rm -fr /etc/pacman.d/gnupg pacman-key --init pacman-key --populate archlinux URL: https://www.archlinux.org/news/gnupg-21-and-the-pacman-keyring/

1 0