From: Paul Wise <pabs@debian.org>
Date: Sun, 19 Jun 2016 03:04:33 +0000 (+0800)
Subject: Stop trusting the SPI CA for debian.org services.
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=492f74299e67aef1f3ec2c6221b4e0bc609df231;p=mirror%2Fdsa-puppet.git

Stop trusting the SPI CA for debian.org services.

The SPI CA certificate is no longer used by debian.org services.

See-also: 5125ae620e16738e841813dd2f4135cb1eadb00e
---

diff --git a/modules/ssl/files/ca-certificates-debian.conf b/modules/ssl/files/ca-certificates-debian.conf
index f831d91bc..0c23a14fc 100644
--- a/modules/ssl/files/ca-certificates-debian.conf
+++ b/modules/ssl/files/ca-certificates-debian.conf
@@ -2,5 +2,4 @@
 # Only the CAs for debian.org are trusted, see /etc/ssl/ca-debian/README
 mozilla/AddTrust_External_Root.crt
 mozilla/UTN_USERFirst_Hardware_Root_CA.crt
-spi-inc.org/spi-cacert-2008.crt
 mozilla/DST_Root_CA_X3.crt