Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Issue with my ca-certificates.crt

Tags:

ssl

ubuntu

ca

(I am on Ubuntu 14.10. uname -r => 3.16.0-31-generic)

apt-get update

Failed to fetch https://get.docker.com/ubuntu/dists/docker/main/binary-amd64/Packages  server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none.

git clone https://github.com/sdelements/lets-chat.git

I can't clone anything - fatal: unable to access 'https://github.com/sdelements/lets-chat.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none.

docker run hello-world

Get https://index.docker.io/v1/repositories/library/hello-world/images: x509: certificate signed by unknown authority.

ls /etc/ssl/certs/ca-certificates.crt -l

-rw-r--r-- 1 root root 1964 Mar 26 18:19 /etc/ssl/certs/ca-certificates.crt

Any clues would be appreciated.

like image 410
user3538553 Avatar asked Mar 28 '15 16:03

user3538553

2 Answers

All of my ca certificates were missing from /usr/share/ca-certificates/*
re-installing the package put them back

If they are missing from that location, doing a force reloading will show the 0 of 0:

update-ca-certificates -f

Clearing symlinks in /etc/ssl/certs...done.  
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.

apt-get install --reinstall ca-certificates

Preparing to unpack .../ca-certificates_20141019ubuntu0.14.10.1_all.deb ...
Unpacking ca-certificates (20141019ubuntu0.14.10.1) over (20141019ubuntu0.14.10.1) ...
Processing triggers for man-db (2.7.0.2-2) ...
Setting up ca-certificates (20141019ubuntu0.14.10.1) ...
Processing triggers for ca-certificates (20141019ubuntu0.14.10.1) ...
Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate certificate Go_Daddy_Class_2_CA.pem
WARNING: Skipping duplicate certificate Go_Daddy_Class_2_CA.pem
173 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
like image 170
user3538553 Avatar answered Sep 29 '22 17:09

user3538553

Another cause might be your server time: check whether your server time is correct by running date. If it isn't, run sudo ntpdate -s ntp.ubuntu.com. An incorrect server time can invalidate ssl certificates

In my case, I restored a server snapshot. As a result, the server time was still set to snapshot-time. A reboot would probably solve this issue as well, as ubuntu tries to update the time on boot.

like image 22
Laurens Rietveld Avatar answered Sep 29 '22 19:09

Laurens Rietveld
Sign in to Comment

Related questions

SSH connect to EC2 instance of natty operation timeout
How to make a directory apache readable on ubuntu
How to make a 'service' running my Node.js application on Ubuntu server
Django Celery socket.error: [Errno 111] Connection refused
git rebase could not execute editor
QAudioDeviceInfo finds no default audio device on Ubuntu
Setting up virtual host on XAMPP
preconfigure an empty password for mysql via debconf-set-selections
How can we get list of non-system users on linux?
PHP5-Curl install error no installation candidate
Ubuntu says virtualenv is not installed but pip says it is
How install java to ubuntu on docker?
whats the meaning of curl "-s" and "-m"
PostgreSQL docker: "could not bind IPv6 socket: Cannot assign requested address"
Can not start meld on ubuntu 16.04 as error import meld.conf
In Ubuntu 18 installation, setting manual ipv4 address shows IP_ADDR/SUBNET error has host bit set
How can I automate dpkg/apt-get?
Eclipse cannot find Java on Ubuntu
Getting JIRA to run on amazon ec2 t1.micro instance
install both mysql and mysqlnd on ubuntu 12.04

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!