[Pkg-openssl-devel] Bug#996048: postfix-mta-sts-resolver: autopkgtest doesn't handle new version of ca-certificates nicely: rehash: warning: skipping ca-certificates.crt, it does not contain exactly one certificate or CRL
Kurt Roeckx
kurt at roeckx.be
Mon Oct 18 22:05:14 BST 2021
On Mon, Oct 18, 2021 at 10:40:59PM +0200, Julien Cristau wrote:
> On Mon, Oct 18, 2021 at 02:50:50PM +0200, Benjamin Hof wrote:
> > Hi,
> >
> > I think the following change might be the relevant one:
> >
> > --- a/update-ca-certificates
> > +++ b/update-ca-certificates
> > @@ -164,8 +164,6 @@
> > done
> > fi
> >
> > -rm -f "$CERTBUNDLE"
> > -
> > ADDED_CNT=$(wc -l < "$ADDED")
> > REMOVED_CNT=$(wc -l < "$REMOVED")
> >
> > It triggers this stderr output during openssl rehash (l. 184):
> >
> > rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
> >
> Ah, that makes sense. Annoying...
>
> Kurt/Sebastian, do you think there's a chance openssl rehash could grow
> some sort of ignore option so update-ca-certificates could ask it to
> skip ca-certificates.crt, to avoid spitting out a warning for it?
As in rehash all files in that directory, excluding a file? I
guess that's an option. I guess it's not an option to move the
file to a different location.
Kurt
More information about the Pkg-openssl-devel
mailing list