| 1 |
On 18 Aug 2008, at 08:04, Mick wrote: |
| 2 |
> ... |
| 3 |
>> When you updated the ca-certificates, you should have gotten a |
| 4 |
>> postinst |
| 5 |
>> message about broken symlinks that you need to remove. |
| 6 |
> |
| 7 |
> Oops! I had missed that. |
| 8 |
> |
| 9 |
> Looks good now: |
| 10 |
> |
| 11 |
> # update-ca-certificates |
| 12 |
> Updating certificates in /etc/ssl/certs....done. |
| 13 |
|
| 14 |
Except that doesn't _seem_ to fix it: |
| 15 |
|
| 16 |
WARN: postinst |
| 17 |
Broken symlink for a certificate at //etc/ssl/certs/SPI_CA_2006- |
| 18 |
cacert.pem |
| 19 |
Broken symlink for a certificate at //etc/ssl/certs/ |
| 20 |
Verisign_Class_1_Public_Primary_OCSP_Responder.pem |
| 21 |
Broken symlink for a certificate at //etc/ssl/certs/cacert.org.pem |
| 22 |
Broken symlink for a certificate at //etc/ssl/certs/ |
| 23 |
Verisign_Class_3_Public_Primary_OCSP_Responder.pem |
| 24 |
Broken symlink for a certificate at //etc/ssl/certs/spi-ca.pem |
| 25 |
Broken symlink for a certificate at //etc/ssl/certs/ |
| 26 |
Verisign_Secure_Server_OCSP_Responder.pem |
| 27 |
Broken symlink for a certificate at //etc/ssl/certs/ |
| 28 |
Verisign_Class_2_Public_Primary_OCSP_Responder.pem |
| 29 |
You MUST remove the above broken symlinks |
| 30 |
|
| 31 |
$ ls -l /etc/ssl/certs/SPI_CA_2006-cacert.pem |
| 32 |
lrwxrwxrwx 1 root root 61 Aug 30 03:37 /etc/ssl/certs/SPI_CA_2006- |
| 33 |
cacert.pem -> /usr/share/ca-certificates/spi-inc.org/SPI_CA_2006- |
| 34 |
cacert.crt |
| 35 |
$ sudo update-ca-certificates --verbose |
| 36 |
Updating certificates in /etc/ssl/certs....done. |
| 37 |
$ ls -l /etc/ssl/certs/SPI_CA_2006-cacert.pem |
| 38 |
lrwxrwxrwx 1 root root 61 Aug 30 03:37 /etc/ssl/certs/SPI_CA_2006- |
| 39 |
cacert.pem -> /usr/share/ca-certificates/spi-inc.org/SPI_CA_2006- |
| 40 |
cacert.crt |
| 41 |
$ |
| 42 |
|
| 43 |
Stroller. |
Archives