Public bug reported:

The AddTrust_External_Root.crt certificate has expired:

Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
        Validity
            Not Before: May 30 10:48:38 2000 GMT
            Not After : May 30 10:48:38 2020 GMT
        Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:


This causes various client-side errors on Ubuntu 16.04 machines, about SSL 
certificate expiration, using (lib)curl for instance. Ubuntu 18.04 and up seem 
OK.

Removing 'mozilla/AddTrust_External_Root.crt' from /etc/ca-
certificates.conf and running 'update-ca-certificates -f -v' helps. I'm
not sure if removing it is universally the best solution, but I can't
find any other bug reports about this on Launchpad, and this seems the
quickest way to fix all clients.

** Affects: ca-certificates (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1881533

Title:
  Remove expired AddTrust_External_Root.crt because it breaks software

Status in ca-certificates package in Ubuntu:
  New

Bug description:
  The AddTrust_External_Root.crt certificate has expired:

  Data:
          Version: 3 (0x2)
          Serial Number: 1 (0x1)
      Signature Algorithm: sha1WithRSAEncryption
          Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
          Validity
              Not Before: May 30 10:48:38 2000 GMT
              Not After : May 30 10:48:38 2020 GMT
          Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, 
CN=AddTrust External CA Root
          Subject Public Key Info:
              Public Key Algorithm: rsaEncryption
                  Public-Key: (2048 bit)
                  Modulus:

  
  This causes various client-side errors on Ubuntu 16.04 machines, about SSL 
certificate expiration, using (lib)curl for instance. Ubuntu 18.04 and up seem 
OK.

  Removing 'mozilla/AddTrust_External_Root.crt' from /etc/ca-
  certificates.conf and running 'update-ca-certificates -f -v' helps.
  I'm not sure if removing it is universally the best solution, but I
  can't find any other bug reports about this on Launchpad, and this
  seems the quickest way to fix all clients.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1881533/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to