[Interest] SSL & Let's Encrypt certificate expiration

Wed Oct 6 20:28:42 CEST 2021

On Wed, 6 Oct 2021, maitai wrote:

> old Ubuntu 16.04 VM.

ca-certificates (20160104ubuntu1) does not have the ISRG X1 root:

(xenial)# ls -l /etc/ssl/certs/6187b673.0 /etc/ssl/certs/4042bcee.0
ls: cannot access '/etc/ssl/certs/6187b673.0': No such file or directory
ls: cannot access '/etc/ssl/certs/4042bcee.0': No such file or directory

Make sure to upgrade:

# apt-cache policy ca-certificates
ca-certificates:
  Installed: 20160104ubuntu1
  Candidate: 20210119~16.04.1
  Version table:
     20210119~16.04.1 500
        500 http://archive.ubuntu.com/ubuntu xenial-security/main amd64 Packages
 *** 20160104ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        100 /var/lib/dpkg/status

You’ll need to have xenial-security in your sources.list, then you
should be getting 20210119~16.04.1 with regular security updates,
which you, of course, do regularily, right? ☻

bye,
//mirabilos
-- 
Infrastrukturexperte • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

                        ****************************************************
/⁀\ The UTF-8 Ribbon
╲ ╱ Campaign against      Mit dem tarent-Newsletter nichts mehr verpassen:
 ╳  HTML eMail! Also,     https://www.tarent.de/newsletter
╱ ╲ header encryption!
                        ****************************************************