[Blink] Expired certificate for Ubuntu Focal Repository?
g4-lisz at tonarchiv.ch
g4-lisz at tonarchiv.ch
Thu Nov 4 19:51:24 CET 2021
On 04.11.21 19:29, Lars Noodén wrote:
> On 11/4/21 20:22, g4-lisz at tonarchiv.ch wrote:
>> ... but you could try this:
>>
>> ~$ env SSL_CERT_DIR=/etc/ssl/certs/ blink
>
> Thanks. The error still persists even with that method.
>
>> (start blink from command line using default debian CA cert directory
>> for openssl)
> What would the path for that likely be?
>
/etc/ssl/certs/ is the default CA directory on Debian...
It seems that Blink does not use external CA directories.
But I found this file: /usr/share/blink/tls/ca.crt
Maybe you can just add the content of
/usr/local/share/ca-certificates/lets-encrypt-r3.crt to the end of this
file...
Not sure if you also need some header before the -----BEGIN
CERTIFICATE----- line...
This would be something like:
# Lets' Encrypt
# Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1
# Subject: C = US, O = Let's Encrypt, CN = R3
The X3 cert of Let's Encrypt in my /usr/share/blink/tls/ca.crt is
definitely outdated.
You should probably delete the last smaller block of the two, starting with
-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/
But make a backup of /usr/share/blink/tls/ca.crt first!
More information about the Blink
mailing list