group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1881533] Re: Remove expired AddTrust_External_Root.crt because it breaks software

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Marc Deslauriers <1881533@xxxxxxxxxxxxxxxxxx>
Date: Mon, 01 Jun 2020 15:18:03 -0000
Reply-to: Bug 1881533 <1881533@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Updates for this issue have now been published:

https://usn.ubuntu.com/4377-1/

** Changed in: ca-certificates (Ubuntu Xenial)
       Status: In Progress => Fix Released

** Changed in: ca-certificates (Ubuntu Bionic)
       Status: In Progress => Fix Released

** Changed in: ca-certificates (Ubuntu Eoan)
       Status: In Progress => Fix Released

** Changed in: ca-certificates (Ubuntu Focal)
       Status: In Progress => Fix Released

** Changed in: ca-certificates (Ubuntu Groovy)
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1881533

Title:
  Remove expired AddTrust_External_Root.crt because it breaks software

Status in ca-certificates package in Ubuntu:
  Fix Committed
Status in ca-certificates source package in Xenial:
  Fix Released
Status in ca-certificates source package in Bionic:
  Fix Released
Status in ca-certificates source package in Eoan:
  Fix Released
Status in ca-certificates source package in Focal:
  Fix Released
Status in ca-certificates source package in Groovy:
  Fix Committed

Bug description:
  The AddTrust_External_Root.crt certificate has expired:

  Data:
          Version: 3 (0x2)
          Serial Number: 1 (0x1)
      Signature Algorithm: sha1WithRSAEncryption
          Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
          Validity
              Not Before: May 30 10:48:38 2000 GMT
              Not After : May 30 10:48:38 2020 GMT
          Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
          Subject Public Key Info:
              Public Key Algorithm: rsaEncryption
                  Public-Key: (2048 bit)
                  Modulus:

  
  This causes various client-side errors on Ubuntu 16.04 machines, about SSL certificate expiration, using (lib)curl for instance. Ubuntu 18.04 and up seem OK.

  Removing 'mozilla/AddTrust_External_Root.crt' from /etc/ca-
  certificates.conf and running 'update-ca-certificates -f -v' helps.
  I'm not sure if removing it is universally the best solution, but I
  can't find any other bug reports about this on Launchpad, and this
  seems the quickest way to fix all clients.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1881533/+subscriptions