Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
2f87888d
Commit
2f87888d
authored
Dec 03, 2021
by
Julien Muchembled
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
vm-img: fix partially Let's Encrypt certificate on old OS due to expired root CA
parent
59dff29d
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
0 deletions
+11
-0
component/vm-img/debian.cfg
component/vm-img/debian.cfg
+11
-0
No files found.
component/vm-img/debian.cfg
View file @
2f87888d
...
...
@@ -32,6 +32,17 @@ late-command =
# a DNS proxy on both IPv4 and IPv6 without translating queries to what the
# host supports.
dpkg -P rdnssd
# Fix partially Let's Encrypt certificate on old OS due to expired root CA.
# This is enough for Python but not wget.
dpkg --compare-versions 20200601~ le `dpkg-query -f '$${Version}' -W ca-certificates 2>/dev/null ||echo 1:0` || (
set ca-certificates_20200601~deb9u2_all.deb
wget http://security.debian.org/debian-security/pool/updates/main/c/ca-certificates/$1
echo 6cb3ce4329229d71a6f06b9f13c710457c05a469012ea31853ac300873d5a3e1 $1 |sha256sum -c
dpkg -i $1
rm $1
cd /etc/ssl/certs
rm DST_Root_CA_X3.pem 2e5ac55d.0 12d55845.0
)
mount |grep -q 'on / .*\bdiscard\b' || ! type fstrim || {
apt-get clean
sync
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment