Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Certificate verification failed / Error in certificate verification when trying to install Cyberduck CLI using Debian package #10448

Closed
cyberduck opened this issue Aug 30, 2018 · 3 comments

Comments

@cyberduck
Copy link
Collaborator

@cyberduck cyberduck commented Aug 30, 2018

0690414 created the issue

The following steps were performed and results received in a fresh Ubuntu 18.04.1 LTS (Bionic Beaver) server Docker Container.
Is this expected?

echo -e "deb https://s3.amazonaws.com/repo.deb.cyberduck.io nightly main" > /etc/apt/sources.list.d/cyberduck.list
echo -e "deb https://s3.amazonaws.com/repo.deb.cyberduck.io stable main" >> /etc/apt/sources.list.d/cyberduck.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE7097963FEFBE72
apt-get update

Results:

Ign:1 https://s3.amazonaws.com/repo.deb.cyberduck.io nightly InRelease
Hit:2 http://security.ubuntu.com/ubuntu bionic-security InRelease                             
Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease                                            
Ign:4 https://s3.amazonaws.com/repo.deb.cyberduck.io stable InRelease                            
Hit:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease                                  
Err:6 https://s3.amazonaws.com/repo.deb.cyberduck.io nightly Release                              
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 52.216.32.43 443]
Hit:7 http://archive.ubuntu.com/ubuntu bionic-backports InRelease                                 
Err:8 https://s3.amazonaws.com/repo.deb.cyberduck.io stable Release         
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 52.216.32.43 443]
Reading package lists... Done                                               
W: https://s3.amazonaws.com/repo.deb.cyberduck.io/dists/nightly/InRelease: No system certificates available. Try installing ca-certificates.
W: https://s3.amazonaws.com/repo.deb.cyberduck.io/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
W: https://s3.amazonaws.com/repo.deb.cyberduck.io/dists/nightly/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://s3.amazonaws.com/repo.deb.cyberduck.io nightly Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://s3.amazonaws.com/repo.deb.cyberduck.io/dists/stable/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://s3.amazonaws.com/repo.deb.cyberduck.io stable Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Aug 30, 2018

@dkocher commented

I cannot reproduce this on Linux ubuntu 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux.

@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Aug 30, 2018

0690414 commented

Apparently since this was a bare bones server setup it needed that ca-certificate setup first.

Adding the following to my setup resolved the issue:

apt-get install -y ca-certificates

FWIW,

There were also some other dependencies required that are not already installed in a fresh install. (sudo, gnupg)

So my full commands from a fresh install of Ubuntu 18.04 are now:

export DEBIAN_FRONTEND=noninteractive 
apt-get -y update && apt-get install -y sudo apt-utils gnupg ca-certificates
echo deb https://s3.amazonaws.com/repo.deb.cyberduck.io stable main >> /etc/apt/sources.list.d/cyberduck.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE7097963FEFBE72
apt-get -y update
apt-get -y install duck

In case it is useful, I also found that if ca-certificates was already installed and this problem existed, you can do a clear and reinstall of ca-certificates: https://stackoverflow.com/a/29319873

@cyberduck cyberduck closed this Aug 30, 2018
@cyberduck
Copy link
Collaborator Author

@cyberduck cyberduck commented Aug 31, 2018

@dkocher commented

Replying to [comment:4 patakijv]:

Apparently since this was a bare bones server setup it needed that ca-certificate setup first.

Thank you for providing the exact steps to resolve this.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant