[gentoo-user] Duplicate ca certs

Mick Sun, 17 Aug 2008 02:39:45 -0700

Hi All,

I am getting mixed up with update-ca-certificates.  It reports that I have 
duplicates:
=================================================
# update-ca-certificates 
Updating certificates in /etc/ssl/certs....WARNING: SPI_CA_2006-cacert.pem 
does not contain a certificate or CRL: skipping
WARNING: Verisign_Class_1_Public_Primary_OCSP_Responder.pem does not contain a 
certificate or CRL: skipping
WARNING: cacert.org.pem does not contain a certificate or CRL: skipping
WARNING: Skipping duplicate certificate QuoVadis_Root_CA.pem
WARNING: Skipping duplicate certificate Verisign_RSA_Secure_Server_CA.pem
WARNING: Skipping duplicate certificate 
America_Online_Root_Certification_Authority_1.pem
WARNING: Skipping duplicate certificate 
America_Online_Root_Certification_Authority_2.pem
WARNING: Verisign_Class_3_Public_Primary_OCSP_Responder.pem does not contain a 
certificate or CRL: skipping
WARNING: Skipping duplicate certificate thawteCb.pem
WARNING: Skipping duplicate certificate Wells_Fargo_Root_CA.pem
WARNING: Skipping duplicate certificate thawteCp.pem
WARNING: Skipping duplicate certificate vsign3.pem
WARNING: spi-ca.pem does not contain a certificate or CRL: skipping
WARNING: Verisign_Secure_Server_OCSP_Responder.pem does not contain a 
certificate or CRL: skipping
WARNING: Skipping duplicate certificate aoltw1.pem
WARNING: Skipping duplicate certificate aoltw2.pem
WARNING: Verisign_Class_2_Public_Primary_OCSP_Responder.pem does not contain a 
certificate or CRL: skipping
done.
Running hooks in /etc/ca-certificates/update.d....done.
=================================================


However, when I check for e.g. vsign3.pem I see this:

# ls -la /etc/ssl/certs/vsign*    
-rw-r--r-- 1 root root  984 Jun  1 09:43 /etc/ssl/certs/vsign1.pem
-rw-r--r-- 1 root root  989 Dec  4  2005 /etc/ssl/certs/vsign2.pem
-rw-r--r-- 1 root root  984 Jun  1 09:43 /etc/ssl/certs/vsign3.pem
-rw-r--r-- 1 root root  976 Jun  1 09:43 /etc/ssl/certs/vsignss.pem
-rw-r--r-- 1 root root 1084 Dec  4  2005 /etc/ssl/certs/vsigntca.pem

Also, what should I do with those that report "does not contain a certificate 
or CRL: skipping"?
-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

[gentoo-user] Duplicate ca certs

Reply via email to