-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Base image cannot verify package repo certs #322
Comments
Same thing here! |
We're working on a release with the ca-certificates bundle updated, in the meantime you can add this to your
|
This syntax isn't working for me. Here is the error.
I'll post if I find a solution. |
Ah sorry that's bash syntax, I usually switch my shell to bash, just use
And reverse the mv args when putting it back. |
Thanks so much and for responding so quickly! |
Still getting errors.
Here's what I've put in the
|
@kellyeryan its seem to work on our side, we added the snipped you shared
|
Hmm can you grep the /etc/apt/ directory for the passenger repo definition file? It's in /etc/apt/sources.list.d/passenger.list in the most recent passenger docker image, but you might be using an older one (xenial based). @kellyeryan |
Yes! It looks like it is xenial based.
Is that what you need? |
A 16.04 image has OpenSSL |
Hmm odd that it still tried to update the passenger repo while it was disabled. or was that after putting the |
@benlangfeld the xenial situation is fixable by removing the expired root (which i assume is what the ca-certificates package update does). I bumped several of our internal docker images today to fix our CI while working on the release so i know xenial CAN work. |
I'm getting the following error after adding the suggested lines to our production Dockerfile.
We're current on
|
thanks for the solutions |
@CamJN Sorry to bump this so soon, but have you managed to bundle the certificates for the |
After perform the proposed fix:
We are still receiveing errors:
|
For now, I was able to solve temporary by disabling the phusion sources list. Once this ticket get resolved we will reenable back.
|
@niltonvasques This should only be temporary until a fix is deployed, but you should only revert back to the original source.list after any other package install has run.
Clearer example
Again this is only a temporary fix but I hope it helps |
In the meanwhile, try replacing focal by groovy dist for Passenger:
|
@illdelph this seems to have worked for me.
Thank you. |
Ok new version (2.0.0) pushed to docker hub. This should be fixed now. |
Can you tag latest ruby25 please? |
@teyamagu @kwstannard the ruby 2.5 and 2.4 images were discontinued because those rubies are EOL, the tags got touched by the release scripts (this has been fixed since, so shouldn't happen again) but there are no changes. |
@CamJN I got it. thanks! |
Since the new images are out i'm closing this. |
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
The text was updated successfully, but these errors were encountered: