[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH 3/4] automation: Remove expired root certificates used to be used by let's encrypt

On Thu, 16 Feb 2023, Anthony PERARD wrote:
> On Wed, Feb 15, 2023 at 04:14:53PM -0800, Stefano Stabellini wrote:
> > On Wed, 15 Feb 2023, Andrew Cooper wrote:
> > > Honestly, I think I'd prefer to drop all of these legacy versions...
> > 
> > Good timing! It just so happens that we need to shave some of the old
> > container tests as we have too many build tests on x86 :-)
> > 
> > I would remove Jessie as it reached EOL years ago. Do we really need
> > both Centos 7 and 7.2? If not, we could remove 7.
> 
> Actually, 7.2 is older than 7, so I would remove 7.2. (7 would be 7.x so
> latest 7 which is 7.9.)

Sounds good


> > That leaves us with Trusty and Centos 7.2 among these. I would be
> > tempted to keep Trusty and add the sed hack of this patch to make it
> > work. For Centos 7.2, the hack looks even worse. Would it solve the
> > problem to upgrade to the latest Centos 7.x subrelease? Is there really
> > no other way to solve the problem?
> 
> So for centos7, the blacklist of the expired root certificate isn't
> needed if we simply run `yum update` which for some reason is missing
> from the dockerfile...

That's much better!

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.