Package: ca-certificates Version: 20150426 Severity: important Hi,
since the last ca-certificates update I'm having problems browsing some pages with Epiphany/webkitgtk. One example is Facebook. It seems that GTE_CyberTrust_Global_Root.crt is missing. This would be the normal output: $ openssl s_client -CApath /etc/ssl/certs -connect fbcdn-dragon-a.akamaihd.net:443 CONNECTED(00000003) depth=3 C = US, O = GTE Corporation, OU = "GTE CyberTrust Solutions, Inc.", CN = GTE CyberTrust Global Root verify return:1 depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root verify return:1 depth=1 O = Cybertrust Inc, CN = Cybertrust Public SureServer SV CA verify return:1 depth=0 C = US, ST = MA, L = Cambridge, O = "Akamai Technologies, Inc.", CN = a248.e.akamai.net verify return:1 And this is what I get with the latest ca-certificates package: $ openssl s_client -CApath /etc/ssl/certs -connect fbcdn-dragon-a.akamaihd.net:443 CONNECTED(00000003) depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root verify error:num=20:unable to get local issuer certificate Other browsers (Chromium, Iceweasel) seem to work fine, though. Thanks, Berto -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ca-certificates depends on: ii debconf [debconf-2.0] 1.5.56 ii openssl 1.0.2a-1 ca-certificates recommends no packages. ca-certificates suggests no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

