[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Changed in: ca-certificates (Debian) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Changed in: ca-certificates (Debian) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

The code of openssl does not need changing a new version of the package has been uploaded to the archive for Ubuntu 18.04. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

I know as an end-user it would be nice to be prompted about what to do with a duplicate certificate. That way when you are install more than one packages you will not have to run "apt install -f" to get things working. -- You received this bug notification because you are a member of Ubuntu

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

"Wenn Sie in diesen weiteren Code von openssl eintauchen, gibt apps / rehash.c 1 zurück, wenn ein doppeltes Zertifikat gefunden wird. https: // github. com / openssl / openssl / blob / master / apps / rehash. c # L126 Während c_rehash.c gerade zurückkehrt. https: // github. com / openssl /

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Changed in: ca-certificates (Ubuntu Bionic) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

This bug was fixed in the package openssl - 1.1.0g-2ubuntu4 --- openssl (1.1.0g-2ubuntu4) bionic; urgency=medium * debian/patches/rehash-pass-on-dupes.patch: Don't return 1 when a duplicate certificate is found. (LP: #1764848) -- Brian Murray Wed, 25 Apr

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Also affects: openssl (Ubuntu) Importance: Undecided Status: New ** Changed in: openssl (Ubuntu Bionic) Status: New => In Progress ** Changed in: openssl (Ubuntu Bionic) Importance: Undecided => High ** Changed in: openssl (Ubuntu Bionic) Assignee: (unassigned) =>

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

Digging into this further openssl's code apps/rehash.c returns 1 when a duplicate certificate is found. https://github.com/openssl/openssl/blob/master/apps/rehash.c#L126 While c_rehash.c just returns. https://github.com/openssl/openssl/blob/master/tools/c_rehash.in#L172 -- You received this

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

Reverting the commit Laney identified did resolve the issue for me. (xenial-amd64)root@impulse:/home/bdmurray/tmp# dpkg -i ca-certificates_20180409ubuntu1_all.deb (Reading database ... 34380 files and directories currently installed.) Preparing to unpack ca-certificates_20180409ubuntu1_all.deb

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

For people experiencing this bug if the duplicate certificate is Go_Daddy_Class_2_CA.pem provided by python-ubuntu-sso-client you can resolve this by purging the package e.g. "sudo apt-get purge python-ubuntu-sso-client" -- You received this bug notification because you are a member of Ubuntu

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Changed in: ca-certificates (Debian) Status: Unknown => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Tags added: id-5ada3680136e07b5b524b90d -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Also affects: ca-certificates (Ubuntu Bionic) Importance: Undecided Status: Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

Here's the thread on debian-devel that describes the motivation for the change: https://lists.debian.org/debian-devel/2018/04/msg00058.html Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

I added some commentary to https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=895473 I haven't tested this, but probably reverting https://salsa.debian.org/debian/ca- certificates/commit/1bc87e0b41a04551a93d4e784e158b044c18792a would get us back to a working state. ** Bug watch added: Debian Bug

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Tags added: bionic rls-bb-incoming -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

** Changed in: ca-certificates (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1764848 Title: Upgrade to ca-certificates to 20180409 causes

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

I was able to recreate this when upgrading a Ubuntu 16.04 chroot to Ubuntu 18.04 by editing /etc/apt/sources.list from xenial to bionic and running 'apt-get dist-upgrade'. Setting up ca-certificates (20180409) ... Updating certificates in /etc/ssl/certs... rehash: skipping duplicate certificate

[Bug 1764848] Re: Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to be removed if duplicate certs found

perhaps a proper fix is for ubuntu-sso-client to release a new python- ubuntu-sso-client package in bionic that doesn't include this UbuntuOne- Go_Daddy_Class_2_CA.pem now that ca-certificates package has the CA. However, I'd still like to see duplicate certs not causing ca- certificates.crt to