[Blink] [solved] Re: Expired certificate for Ubuntu Focal Repository?
Adrian Georgescu
ag at ag-projects.com
Fri Nov 5 01:45:30 CET 2021
I can bundle the new cert and make a new blink package.
Just double checking, where is the authoritative source for the replaced CA file?
> On 4 Nov 2021, at 16:07, g4-lisz at tonarchiv.ch wrote:
>
> On 04.11.21 20:04, Lars Noodén wrote:
>> On 11/4/21 20:51, g4-lisz at tonarchiv.ch wrote:
>>>
>>>
>>> Maybe you can just add the content of
>>> /usr/local/share/ca-certificates/lets-encrypt-r3.crt to the end of this
>>> file...
>>>
>>> Not sure if you also need some header before the -----BEGIN
>>> CERTIFICATE----- line...
>>>
>>> This would be something like:
>>>
>>> # Lets' Encrypt
>>> # Issuer: C = US, O = Internet Security Research Group, CN = ISRG
>>> Root X1
>>> # Subject: C = US, O = Let's Encrypt, CN = R3
>>>
>>> The X3 cert of Let's Encrypt in my /usr/share/blink/tls/ca.crt is
>>> definitely outdated.
>>>
>>> You should probably delete the last smaller block of the two,
>>> starting with
>>>
>>> -----BEGIN CERTIFICATE-----
>>> MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/
>>>
>>> But make a backup of /usr/share/blink/tls/ca.crt first!
>>
>> Thanks! I made a back up of ca.crt, removed the last certificate, and
>> then appended lets-encrypt-r3.crt to the file. That has gotten rid of
>> the error. I can now dial out.
>>
>> I had previously tried reinstalling Blink so maybe the new certificate
>> needs to be packaged?
>>
> Glad to hear that it solved the problem!
>
> Yes, this CRT file is outdated, at least in the latest deb package for
> Focal...
>
> _______________________________________________
> Blink mailing list
> Blink at lists.ag-projects.com
> https://lists.ag-projects.com/mailman/listinfo/blink
More information about the Blink
mailing list