Dion Hulse 57d0720db7 HTTP: Partially revert [34283] which removed the 1024bit certificates from our trust store. ... Most browsers no longer trust 1024bit certificates, or certificates signed by them, instead verifying them by a trusted intermediate or a cross-sign from another trusted certificate. Unfortunately, as it turns out, OpenSSL prior to 1.0.1g cannot correctly handle certificates chains such as this, even if one of the intermediates is trusted. The solution is that we need to continue to trust the 1024bit legacy root certificates forthe foreseeable future This adds the following certificates back into our trust store: {{{ GTE CyberTrust Global Root Thawte Server CA Thawte Premium Server CA Verisign Class 3 Public Primary Certification Authority Verisign Class 3 Public Primary Certification Authority - G2 ValiCert Class 1 VA ValiCert Class 2 VA RSA Root Certificate 1 Entrust.net Secure Server CA Equifax Secure Global eBusiness CA Equifax Secure eBusiness CA 1 America Online Root Certification Authority 1 America Online Root Certification Authority 2 NetLock Business (Class B) Root NetLock Express (Class C) Root Verisign Class 3 Public Primary Certification Authority }}} Props rmccue. Merges [35919] to the 4.4 branch. Fixes #34935. Built from https://develop.svn.wordpress.org/branches/4.4@35921 git-svn-id: http://core.svn.wordpress.org/branches/4.4@35885 1a063a9b-81f0-0310-95a4-ce76da25c4cd		2015-12-14 05:25:26 +00:00
..
ca-bundle.crt	HTTP: Partially revert [34283] which removed the 1024bit certificates from our trust store.	2015-12-14 05:25:26 +00:00