You are not logged in.

#1 2024-04-07 21:33:57

OhKay_Bet
Member
Registered: 2023-11-16
Posts: 28

[SOLVED] setting certificate file: /etc/ssl/certs/ca-certificates.crt

Every now and then my laptop unsafely shuts down, typically due to me forgetting to charge. Whenever this happens something typically breaks and I have to figure out how to fix it. Ive been able to figure out how to fix most things, but the most recent time broke my pacman. After searching around I figured out that my etc/ca-certificates dir was just gone. was able to remake the dir's to run

 update-ca-trust 

; but I'm still lost as looking around some more shows that there should be a trust-source dir that doesnt exist as well and I'm not sure where to find the proper .crt files to run a

trust anchor

. I wouldn't mind taking my time to figure it out typically, but with the xc vulnerability I don't want to take any chances.

Output

 pacman -Syu

:: Synchronizing package databases...
 core.db failed to download
 extra.db failed to download
 multilib.db failed to download
error: failed retrieving file 'extra.db' from ftp.acc.umu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'multilib.db' from ftp.acc.umu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'core.db' from ftp.acc.umu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
warning: too many errors from ftp.acc.umu.se, skipping for the remainder of this transaction
error: failed retrieving file 'core.db' from ftp.ludd.ltu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'extra.db' from ftp.ludd.ltu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'multilib.db' from ftp.ludd.ltu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
warning: too many errors from ftp.ludd.ltu.se, skipping for the remainder of this transaction
error: failed retrieving file 'core.db' from ftp.lysator.liu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'extra.db' from ftp.lysator.liu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'multilib.db' from ftp.lysator.liu.se : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
warning: too many errors from ftp.lysator.liu.se, skipping for the remainder of this transaction
error: failed retrieving file 'core.db' from mirror.bahnhof.net : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'extra.db' from mirror.bahnhof.net : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'multilib.db' from mirror.bahnhof.net : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
warning: too many errors from mirror.bahnhof.net, skipping for the remainder of this transaction
error: failed retrieving file 'core.db' from mirror.osbeck.com : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'extra.db' from mirror.osbeck.com : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
error: failed retrieving file 'multilib.db' from mirror.osbeck.com : error setting certificate file: /etc/ssl/certs/ca-certificates.crt
warning: too many errors from mirror.osbeck.com, skipping for the remainder of this transaction
error: failed to synchronize all databases (download library error) 
  pacman -Qkk ca-certificates-{cacert,mozilla,utils} p11-kit libp11-kit

error: package 'ca-certificates-cacert' was not found
ca-certificates-mozilla: 5 total files, 0 altered files
warning: ca-certificates-utils: /etc/ca-certificates/README (No such file or directory)
warning: ca-certificates-utils: /etc/ca-certificates/extracted/README (No such file or directory)
warning: ca-certificates-utils: /etc/ca-certificates/trust-source (No such file or directory)
warning: ca-certificates-utils: /etc/ca-certificates/trust-source/README (No such file or directory)
warning: ca-certificates-utils: /etc/ca-certificates/trust-source/anchors (No such file or directory)
warning: ca-certificates-utils: /etc/ca-certificates/trust-source/blocklist (No such file or directory)
warning: ca-certificates-utils: /etc/ssl/README (No such file or directory)
warning: ca-certificates-utils: /etc/ssl/cert.pem (No such file or directory)
warning: ca-certificates-utils: /etc/ssl/certs/ca-bundle.crt (No such file or directory)
warning: ca-certificates-utils: /etc/ssl/certs/ca-certificates.crt (No such file or directory)
warning: ca-certificates-utils: /etc/ssl/certs/java/README (No such file or directory)
ca-certificates-utils: 33 total files, 11 altered files
p11-kit: 246 total files, 0 altered files
libp11-kit: 29 total files, 0 altered files 
 which p11-kit

/usr/bin/p11-kit 

Last edited by OhKay_Bet (2024-04-07 22:29:35)

Offline

#2 2024-04-07 21:46:44

seth
Member
Registered: 2012-09-03
Posts: 54,430

Re: [SOLVED] setting certificate file: /etc/ssl/certs/ca-certificates.crt

Use a http mirror (not https) or fix the package offline (install iso, pacman --sysroot)

Online

#3 2024-04-07 22:06:31

OhKay_Bet
Member
Registered: 2023-11-16
Posts: 28

Re: [SOLVED] setting certificate file: /etc/ssl/certs/ca-certificates.crt

seth wrote:

Use a http mirror (not https) or fix the package offline (install iso, pacman --sysroot)

So I did the http mirror, no https and all of the signatures for each packages had to be accepted manually. After accepting all were unknown trust.

Example

error: xorg-xwayland: signature from "Andreas Radke <andyrtr@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/xorg-xwayland-23.2.5-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] 
error: failed to commit transaction (invalid or corrupted package (PGP signature))

Last edited by OhKay_Bet (2024-04-07 22:07:39)

Offline

#4 2024-04-07 22:13:04

seth
Member
Registered: 2012-09-03
Posts: 54,430

Re: [SOLVED] setting certificate file: /etc/ssl/certs/ca-certificates.crt

and all of the signatures for each packages had to be accepted manually

All of what signatures of what packages?
The plan was to re-install ca-certificates-utils only?

Please don't paraphrase, https://bbs.archlinux.org/viewtopic.php?id=57855 - post the actual output you get.
In doubt

update https://archlinux.org/packages/core/any … x-keyring/ and as last resort to https://wiki.archlinux.org/title/Pacman … l_the_keys

But first post the actual status quo so we know what we're talking about.

Last edited by seth (2024-04-07 22:15:02)

Online

#5 2024-04-07 22:28:32

OhKay_Bet
Member
Registered: 2023-11-16
Posts: 28

Re: [SOLVED] setting certificate file: /etc/ssl/certs/ca-certificates.crt

seth wrote:

and all of the signatures for each packages had to be accepted manually

All of what signatures of what packages?

Signatures of any packages

The plan was to re-install ca-certificates-utils only?

I didn't know that

Please don't paraphrase, https://bbs.archlinux.org/viewtopic.php?id=57855 - post the actual output you get.
In doubt

That was the actual output there was just so many repeats of that for different packages where I couldn't/ didn't know how to cp it all.

had to

pacman-keys --init; pacman-keys --populate

which allowed the reinstalation of archlinux-keyring and ca-certificates-utils

system works as intended; solved

Offline

Board footer

Powered by FluxBB