10

I'm with problems with ca-certificates. Every site that I try to access ask me for a confirmation of the certification and my update is not working 100% too

$ sudo rm -rf /etc/ssl/certs/*
$ sudo update-ca-certificates Updating certificates in /etc/ssl/certs... 152 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
$ sudo apt-get update
[...]                                
Err private-ppa.launchpad.net precise/main amd64 Packages              
  server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt    CRLfile: none
Err private-ppa.launchpad.net precise/main i386 Packages
  server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Ign private-ppa.launchpad.net precise/main Translation-en_US
Ign private-ppa.launchpad.net precise/main Translation-en
Fetched 1,118 kB in 44s (24.9 kB/s)

E: Some index files failed to download. They have been ignored, or old ones used instead.
Pablo Bianchi
  • 15,657
user248189
  • 143
  • 1
  • 1
  • 7

1 Answers1

26

You removed all certificates yourself when you ran sudo rm -rf /etc/ssl/certs/*. That broke your system. One thing you can do to fix this is to reinstall the package they come from:

sudo apt-get install --reinstall ca-certificates

This should be relatively safe. If that doesn't work, you may need to purge the package out and reinstall it but don't attempt this if you currently have broken packages.

sudo apt-get -f install
# stop if you saw any errors

sudo dpkg --purge --force-depends ca-certificates
sudo apt-get -f install
Oli
  • 293,335
mirabilos
  • 676
  • 11
  • 19
  • Thank you for your answer mirabilios! I don't know what happened, I didn't anything else to try to solve the problem, but few days later my connections back to work as usual. May it was a problem in server that was fixed, I don't know. But, thank you for try to help! – user248189 Mar 02 '14 at 03:38
  • @Oli --reinstall only works for things that are not dpkg conffiles. But (I just looked on 14.04) ca-certificates indeed does not ship those files as dpkg conffiles, so your edit is probably safe. (Maintainer scripts and debconf caching might still interfere, but probably not in this example.) So, thanks. – mirabilos Jan 07 '15 at 14:24
  • Additionally, the /etc/ssl/certs is collated using the update-ca-certificates command. I would expect updates to ca-certificates to trigger this but you might have to run it afterwards manually. – Oli Jan 07 '15 at 14:29
  • @Oli from reading the postinst it should be triggered. – mirabilos Jan 07 '15 at 14:32
  • sudo apt-get install --reinstall ca-certificates did the deed. Thank you very much! – alsami Oct 07 '18 at 08:53