update from 20130906ubuntu2 to 20170717~14.04.1 fails to install the Entrust G2 cert
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ca-certificates (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Using ubuntu 14.04 with ca-certificates 20130906ubuntu2 installed.
#lsb_release -rd
Description: Ubuntu 14.04.5 LTS
Release: 14.04
#dpkg -l | grep ca-cert
ca-certificates 20130906ubuntu2
#apt-cache policy ca-certificates
ca-certificates:
Installed: 20130906ubuntu2
Candidate: 20170717~14.04.1
Version table:
20170717~
500 http://
500 http://
*** 20130906ubuntu2 0
500 http://
100 /var/lib/
Upgrade the ca-certificates package
#apt-get install ca-certificates
Preparing to unpack .../ca-
Unpacking ca-certificates (20170717~14.04.1) over (20130906ubuntu2) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Setting up ca-certificates (20170717~14.04.1) ...
Processing triggers for ca-certificates (20170717~14.04.1) ...
Updating certificates in /etc/ssl/certs... 17 added, 36 removed; done.
Running hooks in /etc/ca-
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Adding debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:CA_Disig.pem
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:IGC_A.pem
Removing debian:Juur-SK.pem
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
Removing debian:
done.
The Entrust G2 CA cert is missing from /etc/ssl/certs and isn't noted as installed the apt-get install text.
When installing the 20170717~14.04.1 version directly (not upgrading), then the Entrust G2 cert is installed.
Entrust changed their installation instructions a month ago to forgo a cross link intermediate cert that would have their certs using two CAs: Entrust and Entrust G2.