[Interest] SSL & Let's Encrypt certificate expiration
maitai
maitai at virtual-winds.org
Wed Oct 6 21:01:02 CEST 2021
I vaguely understand that, but that is not my question.
My question is why forcing the loading of systemCACertificates() works.
--Philippe
Le 06-10-2021 20:28, Thorsten Glaser a écrit :
> On Wed, 6 Oct 2021, maitai wrote:
>
>> old Ubuntu 16.04 VM.
>
> ca-certificates (20160104ubuntu1) does not have the ISRG X1 root:
>
> (xenial)# ls -l /etc/ssl/certs/6187b673.0 /etc/ssl/certs/4042bcee.0
> ls: cannot access '/etc/ssl/certs/6187b673.0': No such file or
> directory
> ls: cannot access '/etc/ssl/certs/4042bcee.0': No such file or
> directory
>
> Make sure to upgrade:
>
> # apt-cache policy ca-certificates
> ca-certificates:
> Installed: 20160104ubuntu1
> Candidate: 20210119~16.04.1
> Version table:
> 20210119~16.04.1 500
> 500 http://archive.ubuntu.com/ubuntu xenial-security/main amd64
> Packages
> *** 20160104ubuntu1 500
> 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
> 100 /var/lib/dpkg/status
>
> You’ll need to have xenial-security in your sources.list, then you
> should be getting 20210119~16.04.1 with regular security updates,
> which you, of course, do regularily, right? ☻
>
> bye,
> //mirabilos
More information about the Interest
mailing list