* [gentoo-user] Warnings about (un)trusted certs during emerge
@ 2015-05-02 12:58 Walter Dnes
2015-05-02 15:24 ` Mick
0 siblings, 1 reply; 2+ messages in thread
From: Walter Dnes @ 2015-05-02 12:58 UTC (permalink / raw
To: Gentoo Users List
[-- Attachment #1: Type: text/plain, Size: 601 bytes --]
The latest update on my netbook is still stumbling along due to a few
speed bumps. Here's something that I noticed strictly by accident as
the build scrolled by. I checked in /var/portage/elog afterwards, but
only found a few messages about broken symlinks, and their removal.
I don't know how to interpret the attached. Were the certificates
installed or not? As a general question, is there a tool to dig through
and list the certs on a machine... without pulling in 90% of QT or
GNOME?
--
Walter Dnes <waltdnes@waltdnes.org>
I don't run "desktop environments"; I run useful applications
[-- Attachment #2: certs.txt.gz --]
[-- Type: application/octet-stream, Size: 927 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [gentoo-user] Warnings about (un)trusted certs during emerge
2015-05-02 12:58 [gentoo-user] Warnings about (un)trusted certs during emerge Walter Dnes
@ 2015-05-02 15:24 ` Mick
0 siblings, 0 replies; 2+ messages in thread
From: Mick @ 2015-05-02 15:24 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: Text/Plain, Size: 1571 bytes --]
On Saturday 02 May 2015 13:58:09 Walter Dnes wrote:
> The latest update on my netbook is still stumbling along due to a few
> speed bumps. Here's something that I noticed strictly by accident as
> the build scrolled by. I checked in /var/portage/elog afterwards, but
> only found a few messages about broken symlinks, and their removal.
The ca-certificates ebuild will remove any root certificates or hash symlinks,
which are no longer trusted from your /etc/ssl/certs/ directory. I recall in
the past I had to tidy up manually, but these days I don't need to.
> I don't know how to interpret the attached. Were the certificates
> installed or not? As a general question, is there a tool to dig through
> and list the certs on a machine... without pulling in 90% of QT or
> GNOME?
You can have a look in /etc/ssl/certs/ which contains the default OS Root CA
certificates and see if there are any broken symlinks.
You can also run a manual update, if it's been a long time since you updated
this package, or put it in a cron job:
# /usr/sbin/update-ca-certificates --verbose
Updating certificates in /etc/ssl/certs... Doing .
A-Trust-nQual-03.pem => 9c472bf7.0
ACCVRAIZ1.pem => a94d09e5.0
ACEDICOM_Root.pem => 381ce4dd.0
AC_Raíz_Certicámara_S.A..pem => 6f2c1157.0
[snip ...]
thawte_Primary_Root_CA.pem => 2e4eed3c.0
thawte_Primary_Root_CA_-_G2.pem => c089bbbd.0
thawte_Primary_Root_CA_-_G3.pem => ba89ed3b.0
174 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
--
Regards,
Mick
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-05-02 15:25 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-05-02 12:58 [gentoo-user] Warnings about (un)trusted certs during emerge Walter Dnes
2015-05-02 15:24 ` Mick
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox