Public bug reported: source.codeaurora.org (linuxfoundation) changed their certificate on 30 JUL 2019. When cloning from codeaurora, you now get this error:
$ git clone https://source.codeaurora.org/external/imx/libdrm-imx.git/ Cloning into 'libdrm-imx'... fatal: unable to access 'https://source.codeaurora.org/external/imx/libdrm-imx.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none I think this suggests that the issuing CA Authority is not trusted and included in ca-certificates.crt. I've confirmed this certificate validation issue on both ubuntu 16.04 and ubutnu 18.04. I've even upgraded and reinstalled the ca-certificates package and still get the same validation error. I assumed it might be a problem with my clock out of sync, so I synchronized my server time with chrony and the issue persists. I can add the certificate manually to my installation of git and get around the issue, but I suspect that this issue will impact anyone attempting to clone from the linux foundation git servers. I've attached the source.codeaurora.org certificate to this bug report. The certificate shows that the issueing authority is "Sectigo RSA Domain Validation Secure Server CA" ** Affects: ca-certificates (Ubuntu) Importance: Undecided Status: New ** Attachment added: "source.codeaurora.org.pem" https://bugs.launchpad.net/bugs/1838802/+attachment/5280552/+files/source.codeaurora.org.pem -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1838802 Title: ca-certificates missing trusted entry from linuxfoundation Status in ca-certificates package in Ubuntu: New Bug description: source.codeaurora.org (linuxfoundation) changed their certificate on 30 JUL 2019. When cloning from codeaurora, you now get this error: $ git clone https://source.codeaurora.org/external/imx/libdrm-imx.git/ Cloning into 'libdrm-imx'... fatal: unable to access 'https://source.codeaurora.org/external/imx/libdrm-imx.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none I think this suggests that the issuing CA Authority is not trusted and included in ca-certificates.crt. I've confirmed this certificate validation issue on both ubuntu 16.04 and ubutnu 18.04. I've even upgraded and reinstalled the ca-certificates package and still get the same validation error. I assumed it might be a problem with my clock out of sync, so I synchronized my server time with chrony and the issue persists. I can add the certificate manually to my installation of git and get around the issue, but I suspect that this issue will impact anyone attempting to clone from the linux foundation git servers. I've attached the source.codeaurora.org certificate to this bug report. The certificate shows that the issueing authority is "Sectigo RSA Domain Validation Secure Server CA" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1838802/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
