Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 647
    • Issues 647
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 195
    • Merge Requests 195
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Issues
  • #9935

Closed
Open
Opened Jan 29, 2019 by John Smith@inl-pd-autostest
  • Report abuse
  • New issue
Report abuse New issue

ca-certificates is broken and needs an update

Alpine 3.8 has ‘20171114-r3’ version of ‘ca-certificates’ package, which is quite old and looks like it is broken:

mail server mail.amur-cit.ru:587 uses self-signed certificate, which I need to add to the list of trusted ones on Alpine for the connection to succeed.

  1. get their certificate via this command:

openssl s_client -starttls smtp -showcerts -connect mail.amur-cit.ru:587

from the output of that command I copy 1st (well, 0th in terms of that command’s output) certificate from the certificate chain.

  1. save it into a file on Alpine node as /usr/local/share/ca-certificates/mail.amur-cit.ru.crt

  2. run update-ca-certificates

result:

WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping

On a Debian-based node that was enough to add the certificate to the list of trusted ones, the output there was the following:

Updating certificates in /etc/ssl/certs…
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…
done.

(from redmine: issue id 9935, created on 2019-01-29, closed on 2019-01-29)

  • Changesets:
    • Revision e52ca18a by Natanael Copa on 2019-01-29T16:26:25Z:
main/ca-certificates: upgrade to 20190108

fixes #9935
  • Revision ef889967 by Natanael Copa on 2019-05-27T12:31:10Z:
main/ca-certificates: upgrade to 20190108

fixes #9935
  • Revision acbc0e0a by Natanael Copa on 2019-05-27T12:35:15Z:
main/ca-certificates: upgrade to 20190108

fixes #9935
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
3.9.0
Milestone
3.9.0 (Past due)
Assign milestone
Time tracking
None
Due date
None
2
Labels
High type:bug
Assign labels
  • View project labels
Reference: alpine/aports#9935