Why and how to replace CAcert Class 1 and Class 3 roots
The main browsers do not accept certificates (including root self-signed ones) signed using the MD-5 algorithm, after 20161231. The reason is, that the MD-5 algorithm is no more considered as the safe one nowadays. This is also the reason for replacing it with the SHA256 signed CAcert root certificate.
This article describes:
- Why and how to replace MD-5 signed CAcert Class 1 root certificate with the SHA256 signed CAcert Class 1 root
- Why and how to replace intermediate CAcert Class 3 root certificate
The SHA256 signed CAcert root certificate is quite equal to the MD-5 signed CAcert root one, as regards technical issues. The main differences between the SHA256 signed Class 1 root and the MD-5 signed Class 1 root are as follows:
- of course the signing algorithm: SHA256 instead of MD-5,
- serial number: 00000F instead of 000000,
SHA-1 fingerprint: dd:fc:da:54:1e:75:77:ad:dc:a8:7e:88:27:a9:8a:50:60:32:52:a5 (instead of 13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33).
The intermediate root SHA256 signed CAcert certificate Class 3 serial number 0A418A contains a link to the CAcert Class 1 root certificate serial # 000000 (MD-5 signed). This could lead programs, e.g. web browsers, to download the old Class 1 certificate, when assembling the certificate chain (from your certificate to the root one). Therefore, it is also advisable to replace the Class 3 certificate. The differences follows:
- certificate does not contain the link to the Class 1 root serial # 000000,
- serial number is 00000E instead of 0A418A,
the fingerprint made with the SHA-1 algorithm: A7:C4:8F:BE:6B:02:6D:BD:0E:C1:B4:65:B8:8D:D8:13:EE:1D:EF:A0 (instead of AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE).
20190410: the SHA256 signed root certificates, both Class 1 and Class 3, were placed to the CAcert operating server (http://www.cacert.org/index.php?id=3). Their filenames for download are: root_X0F (Class 1 root) and class3_X0E (intermediate Class 3 root). The hex. number following "X" is the unique serial number of the certificate, thus 00000F and 00000E, respectively. CAcert users are advised to substitute both older certificates (with serial numbers 000000 and 0A418A) with these new ones according to the following instructions.
In brief: the replacement is possible, simple, and makes no problem both to OSes and to browsers. The process of the replacement is totally straightforward as 1-2-3:
- Import (install) the downloaded roots into your OS or browser (e.g. use the system utility, or browser embedded Certificate Manager, respectively). Install the Class 1 certificate (root_X0F) and confirm its credibility. Then install Class 3 certificate (class3_X0E).
- Delete the former MD-5 signed CAcert Class 1 root. Check its serial number 000000 before.
- Delete also the former Class 3 intermediate CAcert root. Check its serial number 0A418A before.
It has been proven that the replace procedure makes no harm.
There is no need to change or reinstall any CAcert issued certificate, as those already are SHA256 signed. Systems (Linux, Windows) and browsers (Firefox) are still able to create certificate chains needed.
The procedure, if roots were installed by the MSI package for MS Windows
If you have installed CAcert roots using the MSI package (available from the page http://www.cacert.org/index.php?id=3), you have to deinstall them first using the same package CAcert_Root_Certificates.msi (or the new one, CAcert_Root_Certificates_X0F_X0E.msi). If you don't remember the procedure of the former installation, run the package (with X0F_X0E in its name). If three standard possibilities appear (buttons Change, Repair, Uninstall), press Uninstall. If the error dialog box appears (with no text, buttons Yes/No), press Yes.
You can also manually uninstall the root and intermediate certificates, then search for the following Registry key:
and if it exists, delete it.
After uninstallation is done, run the new package CAcert_Root_Certificates_X0F_X0E.msi, confirm the license agreement, and install the roots. Again, if the dialog box "Error" appears, press Yes.
The procedure for the Kleopatra in Linux
The Kleopatra program deletes the root certificate with the whole certificate string. Thus, it does not allow the direct substitution of the old root certificate. You need to follow this procedure:
Export all the certificates, issued to you, to files of type <hash>.pem
- Delete the CAcert root certificate (MD-5 signed). That way you also delete all the certificate string, i. e. the CAcert Class3 certificate and all your certificates (you have backups from the step 1).
- Import the CAcert root certificate CAcert Class1 SHA256 signed with serial number 0F (root_X0F.crt), and set it trustworthy.
- Import the CAcert intermediate Class3 certificate (class3_X0E.crt).
- Import all the certificates issued to you, which you have exported in the step 1.