Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Lu Xu
slapos
Commits
2f87888d
Commit
2f87888d
authored
Dec 03, 2021
by
Julien Muchembled
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
vm-img: fix partially Let's Encrypt certificate on old OS due to expired root CA
parent
59dff29d
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
0 deletions
+11
-0
component/vm-img/debian.cfg
component/vm-img/debian.cfg
+11
-0
No files found.
component/vm-img/debian.cfg
View file @
2f87888d
...
...
@@ -32,6 +32,17 @@ late-command =
# a DNS proxy on both IPv4 and IPv6 without translating queries to what the
# host supports.
dpkg -P rdnssd
# Fix partially Let's Encrypt certificate on old OS due to expired root CA.
# This is enough for Python but not wget.
dpkg --compare-versions 20200601~ le `dpkg-query -f '$${Version}' -W ca-certificates 2>/dev/null ||echo 1:0` || (
set ca-certificates_20200601~deb9u2_all.deb
wget http://security.debian.org/debian-security/pool/updates/main/c/ca-certificates/$1
echo 6cb3ce4329229d71a6f06b9f13c710457c05a469012ea31853ac300873d5a3e1 $1 |sha256sum -c
dpkg -i $1
rm $1
cd /etc/ssl/certs
rm DST_Root_CA_X3.pem 2e5ac55d.0 12d55845.0
)
mount |grep -q 'on / .*\bdiscard\b' || ! type fstrim || {
apt-get clean
sync
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment