Yes. I can confirm that the package ca-certificates 20210119~20.10.1, make possible to restore nuget packages using "nuget restore". Although invoking the dotnet cli, like doing "dotnet restore" yields the same certificate error. Is it possible to solve this certificate issue once and for all?
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1913951 Title: ca-certificates: Symantec CA blacklisted for non-TLS uses Status in ca-certificates package in Ubuntu: Fix Released Status in ca-certificates source package in Groovy: Fix Released Status in ca-certificates source package in Hirsute: Fix Released Status in ca-certificates package in Debian: Fix Committed Bug description: ~$ lsb_release -rd Description: Ubuntu 20.10 Release: 20.10 ~$ apt list --installed | grep ca-certificates WARNING: apt does not have a stable CLI interface. Use with caution in scripts. ca-certificates/groovy-updates,groovy-security,now 20201027ubuntu0.20.10.1 all [installed,automatic] Repro steps: 1. Open Terminal. 2. Execute: wget https://dot.net/v1/dotnet-install.sh chmod +x ./dotnet-install.sh ./dotnet-install.sh -c 5.0 export DOTNET_ROOT=$HOME/.dotnet export PATH=$PATH:$HOME/.dotnet dotnet new console dotnet add package System.Collections.Immutable Expected result: Package restore will succeed. Actual result: Package restore fails with: error: NU3028: Package 'System.Collections.Immutable 5.0.0' from source 'https://api.nuget.org/v3/index.json': The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain There has been a planned process to distrust Symantec certificates in the certificate store over the past two years. The Debian ca-certificates package removed this CA for both TLS (expected) and other uses (like timestamping) (unexpected). Trust was added back in a subsequent update. See https://release.debian.org/proposed-updates/stable.html#ca-certificates_20200601~deb10u2 for details. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1913951/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
