certificate signed by unknown authority, Let's Encrypt
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Livepatch Client |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
When attempting to enable livepatch on a fresh install of ubuntu server 18.04, I get the following error.
error executing enable: Couldn't send req: Post https:/
I've tested this on multiple servers at different locations. This issue may be affecting all users. This will also prevent livepatch from functioning on existing installs.
I suspect that the 'Let's Encrypt Authority X3' CA is not installed on the snap core.
Debug Info:
SSL Cert:
* SSL connection using TLSv1.2 / ECDHE-RSA-
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=livepatch.
* start date: Sep 1 05:36:06 2018 GMT
* expire date: Nov 30 05:36:06 2018 GMT
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
} [5 bytes data]
> GET /api/machine-tokens HTTP/1.1
> Host: livepatch.
> User-Agent: curl/7.58.0
> Accept: */*
>
Name Version Rev Tracking Publisher Notes
canonical-livepatch 8.0.3 42 stable canonical✓ -
description: | updated |
information type: | Proprietary → Public |
Changed in canonical-livepatch-client: | |
status: | New → Fix Released |
I've switched both services back to using the original CA.