Metasploit SSL CA Updated

[hdm at metasploit.com (H D Moore)]

On June 2nd, 2005 the metasploit.com SSL key expired. This key had an 
expiration of one year. Normally, we would just generate a new key using 
the securely-stored CA key. Unfortunately, the private key for the CA 
become mangled and we could not generate a new key.

Since the msfupdate system depends on this CA key not changing, Metasploit 
Framework users will need to manually update the CA public key. The 
packages for version 2.4 have already been updated with the new key, but 
existing installations will no longer be able to use msfupdate until the 
key is updated.

Updating the CA key can be accomplished in a couple different ways:

1) Download the new certificate from http://metasploit.com/metasploit.crt 
and overwrite the ./docs/7f8d5320.0 with it. On the Windows platform, 
this file is usually located at:

C:\program files\metasploit framework\home\framework\docs\7f8d5320.0

You can verify the PGP signature and MD5 fingerprint of this certificate 
at http://metasploit.com/ssl.html.

2) Execute msfupdate and force it to use HTTP mode for the update. This 
can be accomplished by:

$ msfupdate -u -f -x

After the certificate file has been downloaded, msfupdate should work 
normally via SSL again.

-HD
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20050603/ae637ee9/attachment.pgp>