česky | deutsch | english | français | italiano || English home page
Frequently Asked Questions (FAQ)
Contents
CAcert: what, why, how
Account
Problems and Questions about the CAcert Registration Process
How To Change Your Name in your account
How To Change Your Date of Birth in your account
Arbitration, Audit, Policies
Assurance
Assurance Details: How can I get CAcert Assurance Points (APs) ?
Assurance Handbook (Individuals)
Assurer Challenge Test
New TTP-assisted-assurance program
(obsolete: Assurance by TTP-assisted-assurance, Assurance Information For TTP, and TTP Availability)
Thawte points to be revoked - New points counting (Thawte patch)
Certificate
Suggested Key Sizes for the future
Weak Keys System check
Certificate chain and its construction algorithm checking whether it is trusted
How can I import the root certificate? See Import Root Cert, Browser Clients, and e-Mail Clients; the UNOFFICIAL ROOT SHA256 SIGNED see below and here
I cannot renew my certificate - Certificate icons used by Windows and file suffixes (Problem #3)
You don't have a Domain name but still want a Server Cert? and How The Ping Test Works
UNOFFICIAL CAcert root signed using the SHA256 algorithm: for Windows, for Linux - PEM format, binary - DER format
- Class 1 root, signing algorithm SHA256, serial number 00000F
fingerprint SHA1 = dd:fc:da:54:1e:75:77:ad:dc:a8:7e:88:27:a9:8a:50:60:32:52:a5
Important note: After you have installed the SHA256 signed CAcert root certificate (#00000F), don't forget to delete the MD-5 signed CAcert root certificate (#000000)!
- Class 1 root, signing algorithm SHA256, serial number 00000F
UNOFFICIAL CAcert Roots in one package, valid at 11.11.2016: CAcert_chain_256.pem, contains roots:
- Class 1 Root, signing algorithm SHA256, serial number 00000F
fingerprint SHA1 = DD:FC:DA:54:1E:75:77:AD:DC:A8:7E:88:27:A9:8A:50:60:32:52:A5
Important note: After you have installed the SHA256 signed CAcert root certificate (#00000F), don't forget to delete the MD-5 signed CAcert root certificate (#000000)!
- Class 3 Root, signing algorithm SHA256, serial number 0A418A
fingerprint SHA1 = AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE
- Class 1 Root, signing algorithm SHA256, serial number 00000F
CAcert Roots in one package, valid at September 04, 2015: CAcert_chain.pem, contains roots:
Class 1 Root, signing algorithm MD-5 not recognized by main browsers after 20161231 , serial number 000000
fingerprint SHA1 = 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
- Class 3 Root, signing algorithm SHA256, serial number 0A418A
fingerprint SHA1 = AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE
- Where can I find the root certificate in a format that is suitable to append it to /usr/share/ssl/certs/ca-bundle.crt?
UNOFFICIAL cacert-bundle_256.crt - Class 1 (#00000F) and Class 3 (#0A418A) certificates, both SHA256 signed
Important note: After you have installed the SHA256 signed CAcert root certificate (#00000F), don't forget to delete the MD-5 signed CAcert root certificate (#000000)!new: cacert-bundle.crt - Class 1 (#000000, MD-5 signed) and Class 3 (#0A418A, SHA256 signed) certificates;
( obsolete: cacert-boundle.crt - Class 1 (#000000) and Class 3 (#000001) certificates, both MD-5 signed)
UNOFFICIAL CAcert_Root_Certificates_256.msi - Class 1 (#00000F) and Class 3 (#0A418A) certificates, both SHA256 signed - installable package for Windows
What is a CSR ? and Generating a Certificate Request
Where can I find out more info about Class 3 and chained certificates ? see FAQ/TechnicalQuestions
Getting your PGP key signed by CAcert
Cryptographic hardware Help and Howtos
Others
Getting Support and Help!
Decision Numbers (e.g. what m20070825.3 means)
CAcert servers' IPv6 support (at the date 20160418)
Glossary & Abbreviations (1), Glossary & Abbreviations (2), and Glossary & Abbreviations (Validation)