maemo.org - Talk - View Single Post - error with https, cacert.org and microb

	Feathers McGraw	2015-01-18 , 14:15
	Posts: 654 \| Thanked: 2,368 times \| Joined on Jul 2014 @ UK	#2

Hi!

I've used cacert before, but never on maemo (i'm new). Since the filesystem structure is different, I had to do a bit of digging but i think this will work...

This is taken from a tutorial I wrote for raspberry pi/ubuntu. I'd post a link too but i'm not sure if that's considered impolite here or not (is it?).

If you look in your certs directory (ls -l /etc/ssl/certs) you will see that all of the certs have sensible certificate names like GeoTrust_Global_CA.pem, but there are also a load of symbolic links with names like 2c543cd1.0 that point to the certificate files with the human readable names.

Those symlink names like 2c543cd1.0 are hashes of the certificate files, and are there to enable programs on your computer to quickly check whether the root certificate is in your computer's certificate directory or not. Some programs manage to recognise that the certificate is installed just fine without the symlinks, but some of them do not. Openssl is one of the ones that doesn't.

So, we need to make use of one more command to create a symlink for the newly installed cacert-root.crt (this will also refresh the symlinks for the rest of the certs in the folder):
Code:
sudo c_rehash /etc/ssl/certs

In maemo, it appears these certs are installed in a different directory, so the modified command to re-hash your certificates is:

Code:

# c_rehash /etc/certs/common-ca/

c_rehash is part of the openssl package.

I've tested the command on maemo and it works, but i haven't installed the cacert root so i can't do a full test to see if it sorts out microb.

HTH!

Last edited by Feathers McGraw; 2015-01-18 at 14:17. Reason: fixed tags

Quote & Reply |

The Following User Says Thank You to Feathers McGraw For This Useful Post:
Wikiwide