After a routine update this morning (last one was probably 3 days
ago), I see that 147 files in /etc need updating. When I run
etc-update, they're all ".pem" CA files (or links?). It looks like it
was all of the .pem files under /etc/ssl/certs. I did a -5, and all
seems well.
It's a bit alarming when portage tells you that all of your root CA
files have been modified since they were installed.
The package app-misc/ca-certificates was updated last week (and it's
quite possible the 147 /etc files needed updating after that), but
I've never had to deal with certificate file updates like that before
(nor have I ever seen anything similar on other Gentoo machines).
The only thing I can think of that seems relevent is that last week I
did add one _local_ certificate using the method prescribed by the
Wiki:
# mkdir -p /usr/local/share/ca-certificates
# cp <localCA>.crt /usr/local/share/ca-certificates
# update-ca-certificates
Would that fool portage into thinking that all 147 CA files belonging
to app-misc/ca-certificates had been modified and needed to be
"merged" when app-misc/ca-certificates got updgraded?
--
Grant
