Intermediate SSL cert in entropy.ubuntu.com.pem expires on March 8 2023
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pollinate (Ubuntu) |
Triaged
|
Undecided
|
Unassigned |
Bug Description
Pollinate provides a standalone SSL certificate bundle in `/etc/pollinate
The intermediate certificate in that file for subject `CN = DigiCert SHA2 Secure Server CA` is about to expire:
```
- path: /etc/pollinate/
subject: C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
not after: 2023-03-08 12:00:00
expires: 28 days
```
I'm not sure whether this will impact the proper operation of Pollinate, or if it will simply use a different certificate path automatically.
This issue seems to exist on at least Ubuntu 18.04 and 20.04, on a fully upgraded installation.
LSB release:
```
lsb_release -rd
Description: Ubuntu 20.04.5 LTS
Release: 20.04
```
Package version:
```
apt-cache policy pollinate
pollinate:
Installed: 4.33-3ubuntu1.
Candidate: 4.33-3ubuntu1.
Version table:
*** 4.33-3ubuntu1.
500 http://
100 /var/lib/
4.33-3ubuntu1 500
500 http://
```
Changed in pollinate (Ubuntu): | |
status: | Incomplete → Confirmed |
Hello Ferry and thanks for this bug report. How did you get to the 2023-03-08 expiration date? I get this on a Bionic system:
$ openssl x509 -noout -text < /etc/pollinate/ entropy. ubuntu. com.pem
[...]
Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
Validity
Not Before: Nov 10 00:00:00 2006 GMT
Not After : Nov 10 00:00:00 2031 GMT
And the same on Focal.