If you want to disable diginotar's root CA on your Mac (for Safari/Chrome) you c... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		wxs on Aug 29, 2011 \| parent \| context \| favorite \| on: Gmail.com being MITM'd by Iran using this certific... If you want to disable diginotar's root CA on your Mac (for Safari/Chrome) you can open Keychain Access, select the "System Roots" keychain at the top left, find the diginotar certificate in the list, and delete it (or disable it, which is what I did). EDIT: This definitely works for Safari, not 100% sure if it does for Chrome after all.

technomancy on Aug 29, 2011 [–]

$ sudo dpkg-reconfigure ca-certificates # for debian-based systems

andreasvc on Aug 30, 2011 | [–]

I've always wondered what that package is actually used for, because programs like firefox, chromium, &c, maintain their own list of root CAs.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact