Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Single Sign On Client |
New
|
Undecided
|
Unassigned | ||
ca-certificates (Debian) |
Fix Released
|
Unknown
|
|||
ca-certificates (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Invalid
|
Undecided
|
Unassigned | ||
openssl (Ubuntu) |
Fix Released
|
High
|
Brian Murray | ||
Bionic |
Fix Released
|
High
|
Brian Murray |
Bug Description
The certificate /usr/share/
This results in the postinst trigger for ca-certificates to remove the /etc/ssl/
If I run update-
If I understand some of the postinst code correctly, --fresh should only be run if called directly or if upgrading from a ca-certificates version older than 2011.
Running bionic with daily -updates channel and ran into this this morning due to the release of ca-certificates version 20180409.
Changed in ca-certificates (Ubuntu): | |
status: | New → Confirmed |
tags: | added: bionic rls-bb-incoming |
tags: | added: id-5ada3680136e07b5b524b90d |
Changed in ca-certificates (Debian): | |
status: | Unknown → New |
Changed in openssl (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Brian Murray (brian-murray) |
Changed in ca-certificates (Ubuntu Bionic): | |
status: | Confirmed → Invalid |
Changed in ca-certificates (Debian): | |
status: | New → Fix Committed |
Changed in ca-certificates (Debian): | |
status: | Fix Committed → Fix Released |
perhaps a proper fix is for ubuntu-sso-client to release a new python- ubuntu- sso-client package in bionic that doesn't include this UbuntuOne- Go_Daddy_ Class_2_ CA.pem now that ca-certificates package has the CA.
However, I'd still like to see duplicate certs not causing ca-certificates.crt to be deleted.