perhaps a proper fix is for ubuntu-sso-client to release a new python-
ubuntu-sso-client package in bionic that doesn't include this UbuntuOne-
Go_Daddy_Class_2_CA.pem now that ca-certificates package has the CA.
However, I'd still like to see duplicate certs not causing ca-
certificates.crt to be deleted.
** Also affects: ubuntu-sso-client
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1764848
Title:
Upgrade to ca-certificates to 20180409 causes ca-certificates.crt to
be removed if duplicate certs found
Status in Ubuntu Single Sign On Client:
New
Status in ca-certificates package in Ubuntu:
New
Bug description:
The certificate /usr/share/ca-
certificates/mozilla/Go_Daddy_Class_2_CA.crt in package ca-
certificates is conflicting with /etc/ssl/certs/UbuntuOne-
Go_Daddy_Class_2_CA.pem from package python-ubuntu-sso-client.
This results in the postinst trigger for ca-certificates to remove the
/etc/ssl/certs/ca-certificates.crt file. This happens because the
postinst trigger runs update-ca-certificates --fresh.
If I run update-ca-certificates without the --fresh flag, the conflict
is a non-issue and the ca-certificates.crt file is restored.
If I understand some of the postinst code correctly, --fresh should
only be run if called directly or if upgrading from a ca-certificates
version older than 2011.
Running bionic with daily -updates channel and ran into this this
morning due to the release of ca-certificates version 20180409.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-sso-client/+bug/1764848/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
