Certificate expired error on update or installation
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
I'm unable to install or update anything, and instead get the error posted below. This suddenly happened on my laptop without warning; my desktop works just fine. This seems to have happened before: https://trisquel.info/en/forum/apt-get-update-problem-trisquel-gnulinux-9
Any advice?
Hit:1 http://ppa.launchpad.net/gencfsm/ppa/ubuntu bionic InRelease
Ign:2 https://archive.trisquel.info/trisquel etiona InRelease
Ign:3 https://archive.trisquel.info/trisquel etiona-security InRelease
Ign:4 https://archive.trisquel.info/trisquel etiona-updates InRelease
Err:5 https://archive.trisquel.info/trisquel etiona Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 209.51.188.51 443]
Err:6 https://archive.trisquel.info/trisquel etiona-security Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 209.51.188.51 443]
Err:7 https://archive.trisquel.info/trisquel etiona-updates Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 209.51.188.51 443]
Reading package lists... Done
E: The repository 'https://archive.trisquel.info/trisquel etiona Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'https://archive.trisquel.info/trisquel etiona-security Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'https://archive.trisquel.info/trisquel etiona-updates Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
You have to go to etc/apt and edit the sources.list file.
Replace all https with http. Then try again. It was working for me.
You need to be root for this. You can start pcmanfm in the terminal with:
sudo -H pcmanfm
Hope it will work :-)
A "geekier" way to do the substitution from a terminal:
$ sudo sed -i s/https/http/ /etc/apt/sources.list
Be careful: https://trisquel.info/en/forum/ca-certificate-issue-while-installing-any-package#comment-161334
My logins to Cpanel were getting intercepted because of the insecurity of http.
Could trisquel's certificate problem by related to OVH's fire ?
https://www.datacenterdynamics.com/en/news/ovh-fire-restart-continues-ovhcloud-has-no-lift-sbg3/
"geekier"...I had to google it. But it works of course fine :-)
> g00gle it
Note that you might also look up "geekier" on duckduckgo, or Qwant, or even better on searX.
Just make sure not to confuse it with "nerdier".
Thanks for the input everyone. I managed to resolve it by disabling certificate verification temporarily, and then updating the ca-certificates package. After that, I re-enabled certificate verification.
I believe the issue was caused by outdated certificates that were patched in the ca-certificates package. Since I hadn't been updating packages on my laptop for a while, I missed that important patch and it finally reached a point where the existing certificates went bad.
Can you explain to me in more detail how to do this? That would be helpful to me.
I followed the basic idea presented here: https://www.claudiokuenzler.com/blog/1088/how-to-solve-apt-error-server-certificate-verification-failed
More specifically:
1. Backup the contents of `/etc/apt/apt.conf.d/02trisquel`
2. Replace the contents of `/etc/apt/apt.conf.d/02trisquel` with `Acquire::https::repos.influxdata.com::Verify-Peer "false"`
3. Run `sudo apt update` and `sudo apt install ca-certificates`
4. Restore the original contents of `/etc/apt/apt.conf.d/02trisquel`
5. Run `sudo apt update` again to check if the certificate verification error is resolved
Thank you! I will test this, when I will do a new installation, after I will be finished with testing Trisquel.
You should use apt-get
apt-get --purge autoremove for removing configuration files.
"All features of apt(8) are available in dedicated APT tools like apt-get(8) and apt-cache(8) as well"
And read https://www.debian.org/doc/manuals/debian-faq/pkg-basics.en.html
As all are joke. You mistreat people who take time to write the tools and documentation. It's the same about wayland
( https://wayland.freedesktop.org/architecture.html )
and hyperbola ( https://wiki.hyperbola.info/doku.php?id=:en:start ).
Hi folks. I had this error https://trisquel.info/en/forum/trisquel-9-grub-efi-amd64-signed-package-failed-install before when installing Trisquel 9, solved it by simply enabling the internet connection. At the time of installation it must have been downloading some package for grub and EFI. Now because of problems with the certificate I can not do this during the installation and I get this grub package error again) Changing the certificates as described above does not help as the installer ignores the repository information update. I'm stumped now) Now there is an option to download Trisquel 10 beta, and use it) I checked, version 10 doesn't have that problem with https/http.
PS It turns out that the Trisquel 9 images that are now on the site are not quite working, during the installation, due to problems with the certificates.
Thank you for the information. I work with Trisquel Mini and I hope that the problem will be fixed there soon as well.
- Vous devez vous identifier ou créer un compte pour écrire des commentaires