1 |
>> I just noticed this at the end of my openssl emerge: |
2 |
>> |
3 |
>> * Running 'c_rehash /etc/ssl/certs/' to rebuild hashes #333069 ... |
4 |
>> WARNING: Skipping duplicate file cert_igca_rsa.pem [ ok ] |
5 |
>>>>> dev-libs/openssl-1.0.0e merged. |
6 |
>> |
7 |
>> Since SSL is so critical I thought I should run it by you guys. Is |
8 |
>> this something I should fix? I get: |
9 |
>> |
10 |
>> # updatedb && locate cert_igca_rsa.pem |
11 |
>> /old-backup-dir/etc/ssl/certs/cert_igca_rsa.pem |
12 |
>> /etc/ssl/certs/cert_igca_rsa.pem |
13 |
> |
14 |
> I notice I have these two symlinks in /etc/ssl/certs: |
15 |
> |
16 |
> lrwxrwxrwx 1 root root 9 Sep 7 05:23 3ee7e181.0 -> IGC_A.pem |
17 |
> lrwxrwxrwx 1 root root 17 Sep 7 05:23 3ee7e181.1 -> cert_igca_dsa.pem |
18 |
> |
19 |
> After a bit of poking around I see that the ca-certificates package |
20 |
> installs one cert under two different names: |
21 |
> |
22 |
> /usr/share/ca-certificates/gouv.fr/cert_igca_rsa.crt |
23 |
> /usr/share/ca-certificates/mozilla/IGC_A.crt |
24 |
> |
25 |
> I don't know where the 3ee7e181 symlinks get their names, but I notice |
26 |
> that the duplicate cert is actually the cert_igca_rsa.crt, not the dsa |
27 |
> cert. That's a bit confusing, but at least it led me to the answer. |
28 |
|
29 |
Nice sleuthing! I can't say I completely understand, but everything |
30 |
is OK as-is? |
31 |
|
32 |
- Grant |