| 1 |
On Saturday 02 May 2015 13:58:09 Walter Dnes wrote: |
| 2 |
> The latest update on my netbook is still stumbling along due to a few |
| 3 |
> speed bumps. Here's something that I noticed strictly by accident as |
| 4 |
> the build scrolled by. I checked in /var/portage/elog afterwards, but |
| 5 |
> only found a few messages about broken symlinks, and their removal. |
| 6 |
|
| 7 |
The ca-certificates ebuild will remove any root certificates or hash symlinks, |
| 8 |
which are no longer trusted from your /etc/ssl/certs/ directory. I recall in |
| 9 |
the past I had to tidy up manually, but these days I don't need to. |
| 10 |
|
| 11 |
|
| 12 |
> I don't know how to interpret the attached. Were the certificates |
| 13 |
> installed or not? As a general question, is there a tool to dig through |
| 14 |
> and list the certs on a machine... without pulling in 90% of QT or |
| 15 |
> GNOME? |
| 16 |
|
| 17 |
You can have a look in /etc/ssl/certs/ which contains the default OS Root CA |
| 18 |
certificates and see if there are any broken symlinks. |
| 19 |
|
| 20 |
You can also run a manual update, if it's been a long time since you updated |
| 21 |
this package, or put it in a cron job: |
| 22 |
|
| 23 |
# /usr/sbin/update-ca-certificates --verbose |
| 24 |
Updating certificates in /etc/ssl/certs... Doing . |
| 25 |
A-Trust-nQual-03.pem => 9c472bf7.0 |
| 26 |
ACCVRAIZ1.pem => a94d09e5.0 |
| 27 |
ACEDICOM_Root.pem => 381ce4dd.0 |
| 28 |
AC_Raíz_Certicámara_S.A..pem => 6f2c1157.0 |
| 29 |
[snip ...] |
| 30 |
|
| 31 |
thawte_Primary_Root_CA.pem => 2e4eed3c.0 |
| 32 |
thawte_Primary_Root_CA_-_G2.pem => c089bbbd.0 |
| 33 |
thawte_Primary_Root_CA_-_G3.pem => ba89ed3b.0 |
| 34 |
174 added, 0 removed; done. |
| 35 |
Running hooks in /etc/ca-certificates/update.d....done. |
| 36 |
|
| 37 |
-- |
| 38 |
Regards, |
| 39 |
Mick |
Archives