Bug#623671: ca-certificates: some certificates not installing and getting errors
reassign 623671 ca-certificates-java
thanks
On Fri, Apr 22, 2011 at 11:57:54AM +0530, shirish ????? wrote:
> Package: ca-certificates
> Version: 20110421
> Severity: normal
>
> *** Please type your report below this line ***
>
> Got few errors when it was installing the new cacertificates. Output
> from running aptitude safe-upgrade.
>
> Updating certificates in /etc/ssl/certs... WARNING: Skipping duplicate
> certificate ca-certificates.crt
> WARNING: Skipping duplicate certificate ca-certificates.crt
> WARNING: Skipping duplicate certificate cert_igca_rsa.pem
> WARNING: Skipping duplicate certificate cert_igca_rsa.pem
> 43 added, 27 removed; done.
> Running hooks in /etc/ca-certificates/update.d....
Those messages are from ca-certificates. What follows is from
the hook script from ca-certificates-java.
> updating keystore /etc/ssl/certs/java/cacerts...
> added: /etc/ssl/certs/ACEDICOM_Root.pem
> error adding /etc/ssl/certs/AC_Raíz_Certicámara_S.A..pem
> added: /etc/ssl/certs/ApplicationCA_-_Japanese_Government.pem
[...]
> does not exist: /etc/ssl/certs/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.pem
> does not exist: /etc/ssl/certs/beTRUSTed_Root_CA-Baltimore_Implementation.pem
[...]
> does not exist: /etc/ssl/certs/Verisign_Time_Stamping_Authority_CA.pem
> does not exist: /etc/ssl/certs/Visa_International_Global_Root_2.pem
> removed /etc/ssl/certs/deutsche-telekom-root-ca-2.pem
> failed (VM used: java-6-openjdk).
> E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
> done.
> D000001: cmpversions a=`0:20090814+nmu3' b=`0:20090814+nmu3' r=0
This is probaly where tht hook script stops. What follows
is the c_rehash call.
> Doing /usr/lib/ssl/certs
> GeoTrust_Primary_Certification_Authority.pem => 480720ec.0
> GeoTrust_Primary_Certification_Authority.pem => 9772ca32.0
[...]
> cacert.org.pem => 99d0fa06.0
> cacert.org.pem => 5ed36f99.0
>
>
> As can be seen from the above output the errors are something like :-
>
> error adding /etc/ssl/certs/AC_Raíz_Certicámara_S.A..pem
> error adding /etc/ssl/certs/EBG_Elektronik_Sertifika_Hizmet_Saglay?c?s?.pem
> error adding /etc/ssl/certs/NetLock_Arany_=Class_Gold=_Fotanúsítvány.pem
> error adding /etc/ssl/certs/TÜBITAK_UEKAE_Kök_Sertifika_Hizmet_Saglay?c?s?_-_Sürüm_3.pem
So we now have a few files with UTF-8 chars in it, and
ca-certificates-java doesn't seem to like that.
> and the various does not exist statements. If they do not exist, then
> shouldn't the directories or sub-directories be made (whatever is
> needed)
>
> does not exist: /etc/ssl/certs/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.pem
> does not exist: /etc/ssl/certs/beTRUSTed_Root_CA-Baltimore_Implementation.pem
> does not exist: /etc/ssl/certs/beTRUSTed_Root_CA.pem
> does not exist: /etc/ssl/certs/beTRUSTed_Root_CA_-_Entrust_Implementation.pem
[...]
Those have all been removed. I don't know why it says they
don't exist instead of saying they have been removed.
> also do not know why something failed.
>
> failed (VM used: java-6-openjdk).
> E: /etc/ca-certificates/update.d/jks-keystore exited with code 1.
> done.
>
> So all in all multiple errors.
And as far as I can see none of them are in ca-certificates,
so I'm reassigning to ca-certificates-java.
Kurt
Reply to: