Hello,
I noticed that Fedora Secure Boot CA on my system is expired. It has no effect on SecureBoot as it properly works. I would like to check if the certificate was updated, my system has been upgraded multiple times so likely it was enrolled during installation.
I would love to inform developers but I am unsure which package this CA file was distributed in. Anyone knows? Thanks.
[root@nuc fedora]# mokutil --list-enrolled
[key 1]
SHA1 Fingerprint: 7e:68:65:1d:52:68:5f:7b:f5:8e:a0:1d:78:4d:2f:90:d3:f4:0f:0a
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2574709492 (0x9976f2f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Fedora Secure Boot CA
Validity
Not Before: Dec 7 16:25:54 2012 GMT
Not After : Dec 5 16:25:54 2022 GMT
Subject: CN=Fedora Secure Boot CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ae:f5:f7:52:81:a9:5c:3e:2b:f7:1d:55:f4:5a:
68:84:2d:bc:8b:76:96:85:0d:27:b8:18:a5:cd:c1:
83:b2:8c:27:5d:23:0a:d1:12:0a:75:98:a2:e6:5d:
01:8a:f4:d9:9f:fc:70:bc:c3:c4:17:7b:02:b5:13:
c4:51:92:e0:c0:05:74:b9:2e:3d:24:78:a0:79:73:
94:c0:c2:2b:b2:82:a7:f4:ab:67:4a:22:f3:64:cd:
c3:f9:0c:26:01:bf:1b:d5:3d:39:bf:c9:fa:fb:5e:
52:b9:a4:48:fb:13:bf:87:29:0a:64:ef:21:7b:bc:
1e:16:7b:88:4f:f1:40:2b:d9:22:15:47:4e:84:f6:
24:1c:4d:53:16:5a:b1:29:bb:5e:7d:7f:c0:d4:e2:
d5:79:af:59:73:02:dc:b7:48:bf:ae:2b:70:c1:fa:
74:7f:79:f5:ee:23:d0:03:05:b1:79:18:4f:fd:4f:
2f:e2:63:19:4d:77:ba:c1:2c:8b:b3:d9:05:2e:d9:
d8:b6:51:13:bf:ce:36:67:97:e4:ad:58:56:07:ab:
d0:8c:66:12:49:dc:91:68:b4:c8:ea:dd:9c:c0:81:
c6:91:5b:db:12:78:db:ff:c1:af:08:16:fc:70:13:
97:5b:57:ad:6b:44:98:7e:1f:ec:ed:46:66:95:0f:
05:55
Exponent: 65537 (0x10001)