Package: ca-certificates Version: 20230311 Severity: normal File: /usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt
I noticed that there is one expired certificate in ca-certificates:
$ cat test
now=$(date -u)
date -d "$now"
now="$(date -d "$now" +%s)"
for f in /usr/share/ca-certificates/mozilla/* ; do
date="$(openssl x509 -enddate -noout -in "$f" | cut -d= -f2)"
d="$(date -d "$date" +%s)"
if [ $((d<=now)) -eq 1 ] ; then
echo Expired: $f $date $d $now
fi
done
$ sh test
Sun 12 Mar 2023 10:17:20 AWST
Expired:
/usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt Mar 3
12:09:48 2023 GMT 1677845388 1678587440
-- System Information:
Debian Release: bookworm/sid
APT prefers testing-security
APT policy: (950, 'testing-security'), (900, 'testing-debug'), (900,
'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790,
'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690,
'buildd-experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages ca-certificates depends on:
ii debconf [debconf-2.0] 1.5.82
ii openssl 3.0.8-1
ca-certificates recommends no packages.
ca-certificates suggests no packages.
-- debconf information excluded
--
bye,
pabs
https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
