[snap] CA Certificates from /usr/local/share/ca-certificates are not used
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
Confirmed
|
Medium
|
Unassigned |
Bug Description
We have a company internal CA and placed its root CA certificate in /usr/local/
With chromium-browser as snap in Ubuntu 20.04 this seems to not work any more. Chromium reports invalid certificates as it cannot validate the chain any more.
PLease make the snap version of Chromium use the certificates from the system (out of /etc/ssl/certs etc).
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: chromium-browser (not installed)
ProcVersionSign
Uname: Linux 5.4.0-52-generic x86_64
ApportVersion: 2.20.11-
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: XFCE
Date: Mon Oct 26 18:51:29 2020
InstallationDate: Installed on 2020-09-26 (30 days ago)
InstallationMedia: Xubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731)
SourcePackage: chromium-browser
UpgradeStatus: No upgrade log present (probably fresh install)
For a strictly confined snap such as chromium, /etc/ssl/certs is provided by the core snap, not by the host system, which explains why your local CA isn't being recognized.
As a workaround, and to understand better the problem, can you manually import the certificate from chrome: //settings/ certificates? Does this make your CA recognized?