Unable to verify self signed certificate
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snapcraft |
New
|
Undecided
|
Unassigned | ||
| openssl (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
See the upstream bug background
https:/
The issue initially was caught in a case when developers works behind company firewall and requires install company self signed certificate on Ubuntu host in order to access internet via company proxy.
User may experience unable to access internet services via https protocol when even manually installed root trust ca-certificate on host machine due to openssl unable to verify some type of self signed certificate.
This is also causing problems for snapcraft developers who work behind proxy servers unable to build snap packages.
There is a fix going into openssl upstream apparently
https:/
Just create a bug here to track this issue in Ubuntu in order to make sure we merge upstream fixes ultimately.
Similar case reported by other users:
[1] https:/
[2] https:/
| description: | updated |
| description: | updated |
| Dimitri John Ledkov (xnox) wrote | #1 |
| Changed in openssl (Ubuntu): | |
| status: | New → Triaged |
| importance: | Undecided → Medium |
| affects: | snapcraft (Ubuntu) → snapcraft |
| Adrien Nader (adrien) wrote | #2 |
| Changed in openssl (Ubuntu): | |
| status: | Triaged → Fix Released |
The patch to address this is rather large, and doesn't quite apply cleanly to 1.1.1f that we currently ship.
Also there is a workaround for this - just generate a better / different self-signed cert which is identified as such by openssl.
But I do understand that doing that may be very inconvenient as well.