The certificate for signing /iso/2026.06.01/arch/boot/x86_64/* has expired
Hello! 1) To:pierre@archlinux.de The certificate codesigning_pierre_archlinux.pem, used to sign the files `/iso/2026.06.01/arch/boot/x86_64/*` (used for Netboot, https://archlinux.org/releng/netboot/), expired on May 30, 2026, at 16:41:56 UTC. Steps to reproduce: [user@linuxbox ~]$ wget -q https://geo.mirror.pkgbuild.com/iso/2026.06.01/arch/boot/x86_64/vmlinuz-linux{,.ipxe.sig} [user@linuxbox ~]$ openssl cms -in vmlinuz-linux.ipxe.sig -inform DER -cmsout -print | grep -E 'notAfter:|subject:' notAfter: May 30 16:41:56 2026 GMT subject: C=DE, CN=Pierre Schmitz, emailAddress= pierre@archlinux.de [user@linuxbox ~]$ 2) Where should I write instead of Arch-releng (Arch Linux Release Engineering) mail list?
Hi, 1) I'd start by actually sending it to Pierre's email address instead of just saying "To pierre@archlinux.de" in the message. 2) probably the arch-general list instead of the aur-general list? cc'd both in this reply. Kusoneko. Jun 19, 2026 17:14:58 lao@snv0.com:
Hello!
1) To:pierre@archlinux.de[To%3Apierre@archlinux.de]
The certificate codesigning_pierre_archlinux.pem, used to sign the files `/iso/2026.06.01/arch/boot/x86_64/*` (used for Netboot, https://archlinux.org/releng/netboot/), expired on May 30, 2026, at 16:41:56 UTC.
Steps to reproduce:
[user@linuxbox ~]$ wget -q https://geo.mirror.pkgbuild.com/iso/2026.06.01/arch/boot/x86_64/vmlinuz-linux{,.ipxe.sig}[https://geo.mirror.pkgbuild.com/iso/2026.06.01/arch/boot/x86_64/vmlinuz-linux%7B,.ipxe.sig%7D] [user@linuxbox ~]$ openssl cms -in vmlinuz-linux.ipxe.sig -inform DER -cmsout -print | grep -E 'notAfter:|subject:' notAfter: May 30 16:41:56 2026 GMT subject: C=DE, CN=Pierre Schmitz, emailAddress=pierre@archlinux.de [user@linuxbox ~]$
2) Where should I write instead of Arch-releng (Arch Linux Release Engineering) mail list?
On 2026-06-19 23:13, lao@snv0.com wrote:
Hello!
1) To:pierre@archlinux.de <mailto:To%3Apierre@archlinux.de>
The certificate codesigning_pierre_archlinux.pem, used to sign the files `/iso/2026.06.01/arch/boot/x86_64/*` (used for Netboot, https:// archlinux.org/releng/netboot/ <https://archlinux.org/releng/netboot/>), expired on May 30, 2026, at 16:41:56 UTC.
Steps to reproduce:
[user@linuxbox ~]$ wget -q https://geo.mirror.pkgbuild.com/ iso/2026.06.01/arch/boot/x86_64/vmlinuz-linux{,.ipxe.sig} <https:// geo.mirror.pkgbuild.com/iso/2026.06.01/arch/boot/x86_64/vmlinuz- linux%7B,.ipxe.sig%7D> [user@linuxbox ~]$ openssl cms -in vmlinuz-linux.ipxe.sig -inform DER - cmsout -print | grep -E 'notAfter:|subject:' notAfter: May 30 16:41:56 2026 GMT subject: C=DE, CN=Pierre Schmitz, emailAddress=pierre@archlinux.de <mailto:pierre@archlinux.de> [user@linuxbox ~]$
2) Where should I write instead of Arch-releng (Arch Linux Release Engineering) mail list?
Pierre is aware and will issue a new certificate for next month. Best, Jonathan
participants (3)
-
Jonathan Grotelüschen
-
Kusoneko
-
lao@snv0.com