** Description changed: - The "DigiCert High Assurance EV Root CA" certificate is missing, which - means that the system does not trust web sites that are using SSL - certificates signed by that root. An example is a popular website in the - Netherlands https://marktplaats.nl. The result is that no resources - other that the text-only homepage is loaded. + EDIT: This post originally mentioned the "DigiCert High Assurance EV + Root CA", which was the wrong name. The "DigiCert SHA2 Secure Server" + was intended. This post has been edited for clarity. + + ------------- + + The "DigiCert SHA2 Secure Server" certificate is missing, which means + that the system does not trust web sites that are using SSL certificates + signed by that root. An example is a popular website in the Netherlands + https://marktplaats.nl. The result is that no resources other that the + text-only homepage is loaded. Installing the Digicert root certificte manually from Digicert solves the problem: ``` wget https://dl.cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt mv DigiCertSHA2SecureServerCA.crt DigiCertSHA2SecureServerCA.der openssl x509 -inform DER -outform PEM -in DigiCertSHA2SecureServerCA.der -out DigicertSHA2SecureServerCA.pem.crt sudo mkdir -p /usr/share/ca-certificates/extra sudo cp DigicertSHA2SecureServerCA.pem.crt /usr/share/ca-certificates/extra/ sudo dpkg-reconfigure ca-certificates ``` Maybe there is a valid reason for not including this certificate by default, or maybe this certificate can be included by default, since it seems like it's assumed to be included on every machine.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1795242 Title: Digicert certificate is not included Status in ca-certificates package in Ubuntu: Confirmed Bug description: EDIT: This post originally mentioned the "DigiCert High Assurance EV Root CA", which was the wrong name. The "DigiCert SHA2 Secure Server" was intended. This post has been edited for clarity. ------------- The "DigiCert SHA2 Secure Server" certificate is missing, which means that the system does not trust web sites that are using SSL certificates signed by that root. An example is a popular website in the Netherlands https://marktplaats.nl. The result is that no resources other that the text-only homepage is loaded. Installing the Digicert root certificte manually from Digicert solves the problem: ``` wget https://dl.cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt mv DigiCertSHA2SecureServerCA.crt DigiCertSHA2SecureServerCA.der openssl x509 -inform DER -outform PEM -in DigiCertSHA2SecureServerCA.der -out DigicertSHA2SecureServerCA.pem.crt sudo mkdir -p /usr/share/ca-certificates/extra sudo cp DigicertSHA2SecureServerCA.pem.crt /usr/share/ca-certificates/extra/ sudo dpkg-reconfigure ca-certificates ``` Maybe there is a valid reason for not including this certificate by default, or maybe this certificate can be included by default, since it seems like it's assumed to be included on every machine. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1795242/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
