[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

** Changed in: ca-certificates (Debian) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1551615 Title: Alternative chain

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

Marcin, thanks for the report, and thanks for LANG=C, that's a serious help :) Note that openssl s_client requires also giving a path to the CA root store to use, e.g.: openssl s_client -connect ebank.db-pbc.pl:443 -CApath /etc/ssl/certs/ It doesn't change this issue but may be useful for the

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

Marcin, It looks like your bank renewed their SSL cert on Feb 9th, and they forgot to include the intermediate certificate. This is a configuration problem on their end and has nothing to do with Ubuntu updates. Tell them to go to the following page and type in ebank.db-pbc.pl for more

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

11:26 hrw@malenstwo:~$ LC_ALL=C wget ebank.db-pbc.pl --2016-03-03 11:26:05-- http://ebank.db-pbc.pl/ Resolving ebank.db-pbc.pl (ebank.db-pbc.pl)... 160.83.21.131 Connecting to ebank.db-pbc.pl (ebank.db-pbc.pl)|160.83.21.131|:80... connected. HTTP request sent, awaiting response... 302 Found

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

I received the user report and did a quick check using a fresh installation of 14.04. I disabled updates at install because I wanted to test before and after updating ca-certificates. I then only updated ca- certificates which showed the problem (curl https://einstein.phys.uwm.edu was not

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

Glad that it's working, thanks! I'm closing this bug. ** Changed in: ca-certificates (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

We released updated openssl packages to handle that case: http://www.ubuntu.com/usn/usn-2913-3/ What version of openssl do you have installed? What specific site are you unable to access? ** Changed in: ca-certificates (Ubuntu) Status: New => Incomplete -- You received this bug

[Touch-packages] [Bug 1551615] Re: Alternative chain verification failure after 1024b root CAs removal

** Changed in: ca-certificates (Debian) Status: Unknown => New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1551615 Title: Alternative chain verification