Package: ca-certificates Version: 20190110 Severity: normal Hi,
I found these expired certificates (thanks to Lynis): $ openssl x509 -noout -enddate -in /usr/share/ca-certificates/mozilla/Certplus_Class_2_Primary_CA.crt notAfter=Jul 6 23:59:59 2019 GMT $ openssl x509 -noout -enddate -in /usr/share/ca-certificates/mozilla/Deutsche_Telekom_Root_CA_2.crt notAfter=Jul 9 23:59:00 2019 GMT $ openssl x509 -noout -enddate -in /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G2.crt notAfter=Mar 25 11:03:10 2020 GMT The upstream version does not have Certplus nor Deutsche Telekom certificates, but it still includes the recently expired Staat der Nederlanden certificate. -Topi
