Cannot Verify's Certificate

Bug #1371201 reported by jean-christophe manciot on 2014-09-18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
pipelight-multi (Ubuntu)

Bug Description

Environment: Ubuntu 14.04 - pipelight-multi with all dependencies
System Check: System-Check.txt - Libraries fail on, but it is present.
Installed Plugins: pipelight-plugin --list-enabled-all: silverlight5.1
console output: pipelight.log

Running 'pipelight-plugin --update' leads to the following error:

"root@MSI-GE60-Ubuntu-14:/home/actionmystique# pipelight-plugin --update
--2014-09-18 18:20:59--
Resolving (,
Connecting to (||:443... connected.
ERROR: cannot verify's certificate, issued by ‘/C=US/O=DigiCert Inc/ High Assurance EV CA-1’:
  Unable to locally verify the issuer's authority.
To connect to insecurely, use `--no-check-certificate'.

ERROR: Failed to download latest dependency-installer script"

The "--no-check-certificate" is not allowed.

Downoading "" through a browser is possible, but then what?

export SSL_CERT_DIR=/etc/ssl/certs has been helpful.

Now, "pipelight-plugin --update" leads to:

--2014-09-20 09:24:52--
Resolving (,
Connecting to (||:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9609 (9.4K) [application/pgp-signature]
Saving to: ‘/tmp/tmp.WeljfL54h5’

100%[============================================================================================================>] 9,609 --.-K/s in 0s

2014-09-20 09:24:52 (280 MB/s) - ‘/tmp/tmp.WeljfL54h5’ saved [9609/9609]

gpg: Signature made Thu 11 Sep 2014 10:19:57 PM CEST using RSA key ID 1C3B0533
gpg: Good signature from "Pipelight Dev Team <email address hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3978 8ABB 0402 FC31 D4FB 22AA 0B6B 817C 1C3B 0533

Michael Müller (mqchael) wrote :


your last output looks okay. The warning is only caused by the fact that you did not define our key as trusted signature (which is not necessary). However the line:

gpg: Good signature from "Pipelight Dev Team <email address hidden>"

indicates that the signature check was successful.


Ron Widell (r-widell) wrote :

I have the same issue as jean-christophe manciot wrt certificate, with a couple of minor differences:

Kubuntu 14.04, pipelight-multi 0.2.8~ubuntu14.04.1 with all dependencies

system-check fails on Libraries saying is missing (but it's in the same directories as the other libs).

export SSL_CERT_DIR=/etc/ssl/certs was no help to me, I got the same error.
So I edited the pipelight-plugin file to add the --no-check-certificate option to the invocation of wget (diff file attached). I figured that was safe since the gpg signature of the downloaded file was also checked (and passed).


To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers