Date: Thu, 25 Feb 2021 02:21:23 +0100 From: "Herbert J. Skuhra" <herbert@gojira.at> To: freebsd-stable@freebsd.org Subject: Re: FreeBSD-EN-21:07.caroot.asc question Message-ID: <YDb7kznuOD/anXmK@mail.bsd4all.net> In-Reply-To: <CAOYYArLSoSPTG7yJ0wFw4UybGEbi7yKMBUw6nJgy4sR%2BjcB=Aw@mail.gmail.com> References: <CAOYYArLSoSPTG7yJ0wFw4UybGEbi7yKMBUw6nJgy4sR%2BjcB=Aw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 24, 2021 at 06:42:17PM -0600, Greg Balfour wrote: > After installing the security and errata patches that came out today > on my 12.2-RELEASE system, I see the following during the "make > installworld" step. Is this the expected output after removing > certificates from the root certificate bundle or did something go > wrong? > > [...] > -------------------------------------------------------------- > >>> Installing everything completed on Wed Feb 24 18:16:59 CST 2021 > -------------------------------------------------------------- > Scanning /usr/share/certs/blacklisted for certificates... > Scanning /usr/share/certs/trusted for certificates... > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/GeoTrust_Global_CA.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G3.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/GeoTrust_Universal_CA.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/GeoTrust_Universal_CA_2.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/thawte_Primary_Root_CA.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/thawte_Primary_Root_CA_-_G2.pem > unable to load certificate > 34371108864:error:0909006C:PEM routines:get_name:no start > line:/usr/src/crypto/openssl/crypto/pem/pem_lib.c:745:Expecting: > TRUSTED CERTIFICATE > Error: /usr/share/certs/trusted/thawte_Primary_Root_CA_-_G3.pem Patch does not remove empty files unless "-E" switch is used. The pem files above are propably empty and you have to remove them manually (both in /usr/src and /usr/share). Why are you not using svn/git to update /usr/src? -- Herbert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YDb7kznuOD/anXmK>