Re: Errors on updating package ca-certificates in jessie
- Date: Sat, 7 Jul 2018 17:32:29 +0200
- From: Guido Schmidt <guido@xxxxxxxxxxxxxx>
- Subject: Re: Errors on updating package ca-certificates in jessie
Am 07.07.2018 um 15:11 schrieb Roberto C. Sánchez:
On Sat, Jul 07, 2018 at 02:16:35PM +0200, Guido Schmidt wrote:
I just updated ca-certificates from 20141019+deb8u3 to 20141019+deb8u4 and got these errors:
Updating certificates in /etc/ssl/certs... unable to load certificate
140549699909264:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1219:
140549699909264:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:386:Type=X509
WARNING: dhparam.pem does not contain a certificate or CRL: skipping
20 added, 42 removed; done.
I don't understand what went wrong here. My search lead to problems with malformed certs, like leading or trailing blanks, but I'm pretty sure I didn't touch anything in /etc/ssl/certs, my local certs are stored elsewhere.
Can anybody shed some light on this?
I checked with one of the members of the LTS team involvd with the
ca-cretifictes update and he was not able to reproduce it. Could you
file a bug in the BTS with all the pertinent information so that they
have something to track?
Thank you Roberto.
For reference, report is here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903204