[wp-trac] [WordPress Trac] #64063: Remove bundled 1024-bit certificates from bundled root certificates
WordPress Trac
noreply at wordpress.org
Wed Feb 18 00:20:31 UTC 2026
#64063: Remove bundled 1024-bit certificates from bundled root certificates
-----------------------------+--------------------------
Reporter: kkmuffme | Owner: johnbillion
Type: task (blessed) | Status: closed
Priority: normal | Milestone: 7.0
Component: HTTP API | Version:
Severity: major | Resolution: fixed
Keywords: early has-patch | Focuses:
-----------------------------+--------------------------
Changes (by johnbillion):
* status: accepted => closed
* resolution: => fixed
Comment:
In [changeset:"61669" 61669]:
{{{
#!CommitTicketReference repository="" revision="61669"
HTTP API: Remove 1024 bit certificates from bundled root certificates.
These legacy certificates have historically been retained in the
certificate bundle so some ancient versions of OpenSSL continue to work
with the bundle despite path discovery bugs in those versions.
The affected OpenSSL versions are all over a decade old now. To ensure the
ongoing security of the HTTP API these 1024 bit certificates have been
removed.
Props kkmuffme, JavierCasares, desrosj
Fixes #64063
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64063#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list