On Sat, Jul 07, 2018 at 02:16:35PM +0200, Guido Schmidt wrote:
Hi all,
I just updated ca-certificates from 20141019+deb8u3 to 20141019+deb8u4 and got these errors:
Updating certificates in /etc/ssl/certs... unable to load certificate
140549699909264:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1219:
140549699909264:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:386:Type=X509
WARNING: dhparam.pem does not contain a certificate or CRL: skipping
20 added, 42 removed; done.
I don't understand what went wrong here. My search lead to problems with malformed certs, like leading or trailing blanks, but I'm pretty sure I didn't touch anything in /etc/ssl/certs, my local certs are stored elsewhere.
Can anybody shed some light on this?
I checked with one of the members of the LTS team involvd with the
ca-cretifictes update and he was not able to reproduce it. Could you
file a bug in the BTS with all the pertinent information so that they
have something to track?