[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1112125: apt-transport-https: Regression in CAInfo handling in Trixie

Package: apt-transport-https
Version: 3.1.4
Severity: normal
X-Debbugs-Cc: gjasny@googlemail.com

Hello,

there seems to be a regression in Trixie (probably since the switch
to OpenSSL) in the CAInfo handling.

I created a reproducer here:
https://salsa.debian.org/gjasny-guest/debian-apt-cafile

Copy for the archive:
---
FROM debian:13
ENV DEBIAN_FRONTEND=noninteractive
RUN sed -i'' -e 's,http://deb.debian.org,https://debian.inf.tu-dresden.de,g' /etc/apt/sources.list.d/debian.sources
ADD rootca.pem /etc/rootca.pem
RUN echo 'Acquire::https::debian.inf.tu-dresden.de::CAInfo "/etc/rootca.pem";' > /etc/apt/apt.conf.d/99-root-ca
RUN apt-get update
RUN apt-get install -y ca-certificates
---

It works with Debian 12 and fails with Debian 13. (I need that functionality
for a company internal APT repository, not debian.inf.tu-dresden.de.)

Could please take a look what's happening?

Thanks,
Gregor

-- System Information:
Debian Release: 13.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: arm64 (aarch64)

Kernel: Linux 6.12.27-arm64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt-transport-https depends on:
ii  apt  3.1.4

apt-transport-https recommends no packages.

apt-transport-https suggests no packages.

-- no debconf information
Reply to: