On Sat, Feb 23, 2019 at 06:23:44AM +0000, DJ Lucas via blfs-support wrote:
> On 2/22/2019 11:45 PM, Ken Moffat wrote:
> > On Sat, Feb 23, 2019 at 04:10:51AM +0000, DJ Lucas via blfs-support
> > wrote:
> >> On 2/22/2019 8:14 PM, Ken Moffat via blfs-support wrote: Okay, so the
> >> bit of code that extracts the text and octal data from
> >> cacerts.txt are on lines 589-599. Lines 601-610 are what converts
> >> them to PEM files. awk, grep, printf, and openssl are the commands
> >> used. This error implies that the cert isn't extracted from the
> >> certdata.txt file correctly. Do this... replace line 849 (rm -rf
> >> "${TEMPDIR}") with echo ${TEMPDIR} instead and lets see what's in there.
> > Hi DJ, thanks for the response. Line _843_ in my copy of 1.2, I guess
> > you are looking at your master version with a few newer commits.
> > /tmp/tmp.jgLcZhknCx
> >> ${TEMPDIR}/certs should contain all of the extracted mozilla format
> >> files These files should begin with '#Certificate "Name"' and be
> >> readable, but I suspect not.i
> > A lot of readable files (perms 644) and they all seem to start like
> > that. But checking the next two items just in case.
> >> If not, then make sure the downloaded $TEMPDIR/work/certdata.txt
> >> looks sane, should begin with a mecurial revision number.
> > Yes, 3a4a3b9133e9 (it's from 12th of February).
> >> ${TEMPDIR}/pki/anchors should contain a bunch of pem files ini style
> >> layout, first line should be '[p11-kit-object-v1]'.
> > Yes, 151 of them, they all start with that.
> Good so far, we are successfully through the really ugly part of the
> script then.
>
> Okay, so does $TEMPDIR/work/tempfile.crt look like a valid cert? Should
> look something like below:
No .crt files in $TEMPDIR or its subdirectories. I changed make-ca
to exit after displaying the value of $TEMPDIR, the creation of
everything should have finished by then ?
work/ only contains certdata.txt
ĸen
> =============================================================================================
> Certificate:
> Data:
> Version: 3 (0x2)
> Serial Number: 0 (0x0)
> Signature Algorithm: md5WithRSAEncryption
> Issuer: O = Root CA, OU = http://www.cacert.org, CN = CA Cert
> Signing Authority, emailAddress = [email protected]
> ...
> Trusted Uses:
> TLS Web Server Authentication, E-mail Protection, Code Signing
> No Rejected Uses.
> Alias: CAcert Class 1 root
> SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
> -----BEGIN CERTIFICATE-----
> MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
> ...
> omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
> -----END CERTIFICATE-----
> =============================================================================================
>
> --DJ
>
> --
> http://lists.linuxfromscratch.org/listinfo/blfs-support
> FAQ: http://www.linuxfromscratch.org/blfs/faq.html
> Unsubscribe: See the above information page
--
The beauty of reading a page of de Selby is that it leads one
inescapably to the conclusion that one is not, of all nincompoops,
the greates. -- du Garbandier
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
