[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#623671: ca-certificates: some certificates not installing and getting errors

reassign 623671 ca-certificates-java
thanks

On Fri, Apr 22, 2011 at 11:57:54AM +0530, shirish ????? wrote:
> Package: ca-certificates
> Version: 20110421
> Severity: normal
> 
> *** Please type your report below this line ***
> 
> Got few errors when it was installing the new cacertificates. Output
> from running aptitude safe-upgrade.
> 
> Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate
> certificate ca-certificates.crt
> WARNING: Skipping duplicate certificate ca-certificates.crt
> WARNING: Skipping duplicate certificate cert_igca_rsa.pem
> WARNING: Skipping duplicate certificate cert_igca_rsa.pem
> 43 added, 27 removed; done.
> Running hooks in /etc/ca-certificates/update.d....

Those messages are from ca-certificates.  What follows is from
the hook script from ca-certificates-java.

> updating keystore /etc/ssl/certs/java/cacerts...
>   added: /etc/ssl/certs/ACEDICOM_Root.pem
>   error adding /etc/ssl/certs/AC_Raíz_Certicámara_S.A..pem
>   added: /etc/ssl/certs/ApplicationCA_-_Japanese_Government.pem
[...]
>   does not exist: /etc/ssl/certs/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.pem
>   does not exist: /etc/ssl/certs/beTRUSTed_Root_CA-Baltimore_Implementation.pem
[...]
>   does not exist: /etc/ssl/certs/Verisign_Time_Stamping_Authority_CA.pem
>   does not exist: /etc/ssl/certs/Visa_International_Global_Root_2.pem
>   removed /etc/ssl/certs/deutsche-telekom-root-ca-2.pem
> failed (VM used: java-6-openjdk).
> E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
> done.
> D000001: cmpversions a=`0:20090814+nmu3' b=`0:20090814+nmu3' r=0

This is probaly where tht hook script stops.  What follows
is the c_rehash call.

> Doing /usr/lib/ssl/certs
> GeoTrust_Primary_Certification_Authority.pem => 480720ec.0
> GeoTrust_Primary_Certification_Authority.pem => 9772ca32.0
[...]
> cacert.org.pem => 99d0fa06.0
> cacert.org.pem => 5ed36f99.0
> 
> 
> As can be seen from the above output the errors are something like :-
> 
> error adding /etc/ssl/certs/AC_Raíz_Certicámara_S.A..pem
> error adding /etc/ssl/certs/EBG_Elektronik_Sertifika_Hizmet_Saglay?c?s?.pem
> error adding /etc/ssl/certs/NetLock_Arany_=Class_Gold=_Fotanúsítvány.pem
> error adding /etc/ssl/certs/TÜBITAK_UEKAE_Kök_Sertifika_Hizmet_Saglay?c?s?_-_Sürüm_3.pem

So we now have a few files with UTF-8 chars in it, and
ca-certificates-java doesn't seem to like that.

> and the various does not exist statements. If they do not exist, then
> shouldn't the directories or sub-directories be made (whatever is
> needed)
> 
> does not exist: /etc/ssl/certs/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.pem
>   does not exist: /etc/ssl/certs/beTRUSTed_Root_CA-Baltimore_Implementation.pem
>   does not exist: /etc/ssl/certs/beTRUSTed_Root_CA.pem
>   does not exist: /etc/ssl/certs/beTRUSTed_Root_CA_-_Entrust_Implementation.pem
[...]

Those have all been removed.  I don't know why it says they
don't exist instead of saying they have been removed.

> also do not know why something failed.
> 
> failed (VM used: java-6-openjdk).
> E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
> done.
> 
> So all in all multiple errors.

And as far as I can see none of them are in ca-certificates,
so I'm reassigning to ca-certificates-java.


Kurt
Reply to: