The DigiCert CA certificates were added in 2008, folks. If you have software that has issues with validating certs for some reason, the issue is likely with that software or the environment the software is being run in.
ca-certificates (20080411) unstable; urgency=low
(...)
* Updated mozilla certificates from trunk, which led to the following
adds (+) and removes (-):
(...)
+ DigiCert Assured ID Root CA
+ DigiCert Global Root CA
+ DigiCert High Assurance EV Root CA
(...)
-- Philipp Kern <email address hidden> Sat, 12 Apr 2008 17:35:26 +0200
You're doing it wrong.
$ gnutls-cli -p 443 github.com --x509cafile /etc/ssl/ certs/ca- certificates. crt 252.129: 443'... ry=Private Organization, jurisdictionOfI ncorporationCou ntryName= US,jurisdiction OfIncorporation StateOrProvince Name=Delaware, serialNumber= 5157550, STREET= 548 4th Street, postalCode= 94107,C= US,ST=Californi a,L=San Francisco, O=GitHub\ , Inc.,CN= github. com', issuer `C=US,O=DigiCert Inc,OU= www.digicert. com,CN= DigiCert High Assurance EV CA-1', RSA key 2048 bits, signed using RSA-SHA1, activated `2013-06-10 00:00:00 UTC', expires `2015-09-02 12:00:00 UTC', SHA-1 fingerprint `d712e96965dcf2 36c874c7037dc0b 224a93bd233' www.digicert. com,CN= DigiCert High Assurance EV CA-1', issuer `C=US,O=DigiCert Inc,OU= www.digicert. com,CN= DigiCert High Assurance EV Root CA', RSA key 2048 bits, signed using RSA-SHA1, activated `2007-11-09 12:00:00 UTC', expires `2021-11-10 00:00:00 UTC', SHA-1 fingerprint `dbc7e90b0da5d8 8a5535430eeb665 d077859e8e8'
Processed 159 CA certificate(s).
Resolving 'github.com'...
Connecting to '192.30.
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `businessCatego
- Certificate[1] info:
- subject `C=US,O=DigiCert Inc,OU=
- The hostname in the certificate matches 'github.com'.
- Peer's certificate is trusted
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA256
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
^C ------- ------- ------- ------- ------- ------- ------- ------
-------
The DigiCert CA certificates were added in 2008, folks. If you have software that has issues with validating certs for some reason, the issue is likely with that software or the environment the software is being run in.
ca-certificates (20080411) unstable; urgency=low
(...)
* Updated mozilla certificates from trunk, which led to the following
adds (+) and removes (-):
(...)
+ DigiCert Assured ID Root CA
+ DigiCert Global Root CA
+ DigiCert High Assurance EV Root CA
(...)
-- Philipp Kern <email address hidden> Sat, 12 Apr 2008 17:35:26 +0200