1 |
On Saturday 02 May 2015 13:58:09 Walter Dnes wrote: |
2 |
> The latest update on my netbook is still stumbling along due to a few |
3 |
> speed bumps. Here's something that I noticed strictly by accident as |
4 |
> the build scrolled by. I checked in /var/portage/elog afterwards, but |
5 |
> only found a few messages about broken symlinks, and their removal. |
6 |
|
7 |
The ca-certificates ebuild will remove any root certificates or hash symlinks, |
8 |
which are no longer trusted from your /etc/ssl/certs/ directory. I recall in |
9 |
the past I had to tidy up manually, but these days I don't need to. |
10 |
|
11 |
|
12 |
> I don't know how to interpret the attached. Were the certificates |
13 |
> installed or not? As a general question, is there a tool to dig through |
14 |
> and list the certs on a machine... without pulling in 90% of QT or |
15 |
> GNOME? |
16 |
|
17 |
You can have a look in /etc/ssl/certs/ which contains the default OS Root CA |
18 |
certificates and see if there are any broken symlinks. |
19 |
|
20 |
You can also run a manual update, if it's been a long time since you updated |
21 |
this package, or put it in a cron job: |
22 |
|
23 |
# /usr/sbin/update-ca-certificates --verbose |
24 |
Updating certificates in /etc/ssl/certs... Doing . |
25 |
A-Trust-nQual-03.pem => 9c472bf7.0 |
26 |
ACCVRAIZ1.pem => a94d09e5.0 |
27 |
ACEDICOM_Root.pem => 381ce4dd.0 |
28 |
AC_Raíz_Certicámara_S.A..pem => 6f2c1157.0 |
29 |
[snip ...] |
30 |
|
31 |
thawte_Primary_Root_CA.pem => 2e4eed3c.0 |
32 |
thawte_Primary_Root_CA_-_G2.pem => c089bbbd.0 |
33 |
thawte_Primary_Root_CA_-_G3.pem => ba89ed3b.0 |
34 |
174 added, 0 removed; done. |
35 |
Running hooks in /etc/ca-certificates/update.d....done. |
36 |
|
37 |
-- |
38 |
Regards, |
39 |
Mick |