[arch-general] ca-certificates update
bareman at tpg.com.au
Mon Sep 7 02:22:35 UTC 2015
After re-installing in july I'm having problems with certificates and was pointed to https://www.archlinux.org/news/ca-certificates-update/
2014-12-11 - Jan Steffens
The way local CA certificates are handled has changed. If you have added any locally trusted certificates:
1 Move /usr/local/share/ca-certificates/*.crt to /etc/ca-certificates/trust-source/anchors/
2 Do the same with all manually-added /etc/ssl/certs/*.pem files and rename them to *.crt
3 Instead of update-ca-certificates, run trust extract-compat
Also see man 8 update-ca-trust and trust --help.
when I tried step 2:
move /etc/ssl/certs/*.pem to /etc/ca-certificates/trust-source/anchors/ and rename them to *.crt I found
1 the mv command seems to have lost the ablity to rename files as they are moved.
2 moving or copying the *.pem file results in adirectory full of broken links.
I think the solution might be to create symlinks to the real files, located at
/etc/ca-certificates/extracted/cadir instead of linking to link to the files but before I try that I want to be sure I wont break anything.
More information about the arch-general