# ls -l /var/ssl
total 152
drwxr-xr-x 2 root system 256 Sep 05 10:04 64
lrwxrwxrwx 1 root system 33 Sep 05 10:05 cert.pem -> /home/pichard/certs/ca-bundle.crt
drwxr-xr-x 2 root system 20480 Sep 05 10:04 certs
drwxr-xr-x 2 root system 28672 Sep 02 10:04 certs.old
drwxr-xr-x 2 root system 256 Sep 06 10:04 misc
-rw-r--r-- 1 root system 11485 Jun 16 2021 openssl.cnf
-rw-r--r-- 1 root system 11485 Oct 05 2015 openssl.cnf.rpmorig
# ls -l /var/ssl/certs
total 0
lrwxrwxrwx 1 root system 23 Sep 05 10:04 002c0b4f.0 -> GlobalSign_Root_R46.crt
lrwxrwxrwx 1 root system 45 Sep 05 10:04 02265526.0 -> Entrust_Root_Certification_Authority_-_G2.crt
lrwxrwxrwx 1 root system 36 Sep 05 10:04 03179a64.0 -> Staat_der_Nederlanden_EV_Root_CA.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 062cdee6.0 -> GlobalSign_Root_CA_-_R3.crt
lrwxrwxrwx 1 root system 25 Sep 05 10:04 064e0aa9.0 -> QuoVadis_Root_CA_2_G3.crt
lrwxrwxrwx 1 root system 50 Sep 05 10:04 06dc52d5.0 -> SSL.com_EV_Root_Certification_Authority_RSA_R2.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 09789157.0 -> Starfield_Services_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 15 Sep 05 10:04 0a775a30.0 -> GTS_Root_R3.crt
lrwxrwxrwx 1 root system 16 Sep 05 10:04 0b1b94ef.0 -> CFCA_EV_ROOT.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 0bf05006.0 -> SSL.com_Root_Certification_Authority_ECC.crt
lrwxrwxrwx 1 root system 32 Sep 05 10:04 0f5dc4f3.0 -> UCA_Extended_Validation_Root.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 0f6fa695.0 -> GDCA_TrustAUTH_R5_ROOT.crt
lrwxrwxrwx 1 root system 15 Sep 05 10:04 1001acf7.0 -> GTS_Root_R1.crt
lrwxrwxrwx 1 root system 46 Sep 05 10:04 106f3e4d.0 -> Entrust_Root_Certification_Authority_-_EC1.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 14bc7599.0 -> emSign_ECC_Root_CA_-_G3.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 1636090b.0 -> Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 18856ac4.0 -> SecureSign_RootCA11.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 1d3472b9.0 -> GlobalSign_ECC_Root_CA_-_R5.crt
lrwxrwxrwx 1 root system 37 Sep 05 10:04 1e08bfd1.0 -> IdenTrust_Public_Sector_Root_CA_1.crt
lrwxrwxrwx 1 root system 32 Sep 05 10:04 1e09d511.0 -> T-TeleSec_GlobalRoot_Class_2.crt
lrwxrwxrwx 1 root system 38 Sep 05 10:04 244b5494.0 -> DigiCert_High_Assurance_EV_Root_CA.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 2923b3f9.0 -> emSign_Root_CA_-_G1.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 2ae6433e.0 -> CA_Disig_Root_R2.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 2b349938.0 -> AffirmTrust_Commercial.crt
lrwxrwxrwx 1 root system 18 Sep 05 10:04 2e5ac55d.0 -> DST_Root_CA_X3.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 32888f65.0 -> Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt
lrwxrwxrwx 1 root system 10 Sep 05 10:04 349f2832.0 -> EC-ACC.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 3513523f.0 -> DigiCert_Global_Root_CA.crt
lrwxrwxrwx 1 root system 61 Sep 05 10:04 3bde41ac.0 -> Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 3e44d2f7.0 -> TrustCor_RootCert_CA-2.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 3e45d192.0 -> Hongkong_Post_Root_CA_1.crt
lrwxrwxrwx 1 root system 45 Sep 05 10:04 3fb36b73.0 -> NAVER_Global_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 40193066.0 -> Certum_Trusted_Network_CA_2.crt
lrwxrwxrwx 1 root system 16 Sep 05 10:04 4042bcee.0 -> ISRG_Root_X1.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 40547a79.0 -> COMODO_Certification_Authority.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 406c9bb1.0 -> emSign_Root_CA_-_C1.crt
lrwxrwxrwx 1 root system 43 Sep 05 10:04 4304c5e5.0 -> Network_Solutions_Certificate_Authority.crt
lrwxrwxrwx 1 root system 29 Sep 05 10:04 48bec511.0 -> Certum_Trusted_Network_CA.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 4a6481c9.0 -> GlobalSign_Root_CA_-_R2.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 4b718d9b.0 -> emSign_ECC_Root_CA_-_C3.crt
lrwxrwxrwx 1 root system 45 Sep 05 10:04 4bfab552.0 -> Starfield_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 4f316efb.0 -> SwissSign_Gold_CA_-_G2.crt
lrwxrwxrwx 1 root system 35 Sep 05 10:04 5273a94c.0 -> E-Tugra_Certification_Authority.crt
lrwxrwxrwx 1 root system 32 Sep 05 10:04 5443e9e3.0 -> T-TeleSec_GlobalRoot_Class_3.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 54657681.0 -> Buypass_Class_2_Root_CA.crt
lrwxrwxrwx 1 root system 28 Sep 05 10:04 57bcb2da.0 -> SwissSign_Silver_CA_-_G2.crt
lrwxrwxrwx 1 root system 22 Sep 05 10:04 5ad8a5d6.0 -> GlobalSign_Root_CA.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 5cd81ad7.0 -> TeliaSonera_Root_CA_v1.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 5d3033c5.0 -> TrustCor_RootCert_CA-1.crt
lrwxrwxrwx 1 root system 45 Sep 05 10:04 5e98733a.0 -> Entrust_Root_Certification_Authority_-_G4.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 5f15c80c.0 -> TWCA_Global_Root_CA.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 5f618aec.0 -> certSIGN_Root_CA_G2.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 607986c7.0 -> DigiCert_Global_Root_G2.crt
lrwxrwxrwx 1 root system 15 Sep 05 10:04 626dceaf.0 -> GTS_Root_R2.crt
lrwxrwxrwx 1 root system 29 Sep 05 10:04 653b494a.0 -> Baltimore_CyberTrust_Root.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 68dd7389.0 -> Hongkong_Post_Root_CA_3.crt
lrwxrwxrwx 1 root system 40 Sep 05 10:04 6b99d060.0 -> Entrust_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 6d41d539.0 -> Amazon_Root_CA_2.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 6fa5da56.0 -> SSL.com_Root_Certification_Authority_RSA.crt
lrwxrwxrwx 1 root system 24 Sep 05 10:04 706f604c.0 -> XRamp_Global_CA_Root.crt
lrwxrwxrwx 1 root system 25 Sep 05 10:04 749e9e03.0 -> QuoVadis_Root_CA_1_G3.crt
lrwxrwxrwx 1 root system 28 Sep 05 10:04 75d1b2ed.0 -> DigiCert_Trusted_Root_G4.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 76cb8f92.0 -> Cybertrust_Global_Root.crt
lrwxrwxrwx 1 root system 22 Sep 05 10:04 76faf6c0.0 -> QuoVadis_Root_CA_3.crt
lrwxrwxrwx 1 root system 63 Sep 05 10:04 7719f463.0 -> Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt
lrwxrwxrwx 1 root system 35 Sep 05 10:04 773e07ad.0 -> OISTE_WISeKey_Global_Root_GC_CA.crt
lrwxrwxrwx 1 root system 18 Sep 05 10:04 7aaf71c0.0 -> TrustCor_ECA-1.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 7f3d5d1d.0 -> DigiCert_Assured_ID_Root_G3.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 8160b96c.0 -> Microsec_e-Szigno_Root_CA_2009.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 8cb5ee0f.0 -> Amazon_Root_CA_3.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 8d86cdd1.0 -> certSIGN_ROOT_CA.crt
lrwxrwxrwx 1 root system 49 Sep 05 10:04 8d89cda1.0 -> Microsoft_ECC_Root_Certificate_Authority_2017.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 930ac5d2.0 -> Actalis_Authentication_Root_CA.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 93bc0acc.0 -> AffirmTrust_Networking.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 9482e63a.0 -> Certum_EC-384_CA.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 988a38cb.0 -> NetLock_Arany_=Class_Gold=_Fotanusitvany.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 9b5697b0.0 -> Trustwave_Global_ECC_P256_Certification_Authority.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 9c8dfbd4.0 -> AffirmTrust_Premium_ECC.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 9d04f354.0 -> DigiCert_Assured_ID_Root_G2.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 9f727ac7.0 -> HARICA_TLS_RSA_Root_CA_2021.crt
lrwxrwxrwx 1 root system 41 Sep 05 10:04 ACCVRAIZ1.crt -> /opt/freeware/etc/ssl/certs/ACCVRAIZ1.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 AC_RAIZ_FNMT-RCM.crt -> /opt/freeware/etc/ssl/certs/AC_RAIZ_FNMT-RCM.crt
lrwxrwxrwx 1 root system 67 Sep 05 10:04 AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.crt -> /opt/freeware/etc/ssl/certs/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.crt
lrwxrwxrwx 1 root system 57 Sep 05 10:04 ANF_Secure_Server_Root_CA.crt -> /opt/freeware/etc/ssl/certs/ANF_Secure_Server_Root_CA.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 Actalis_Authentication_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Actalis_Authentication_Root_CA.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 AffirmTrust_Commercial.crt -> /opt/freeware/etc/ssl/certs/AffirmTrust_Commercial.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 AffirmTrust_Networking.crt -> /opt/freeware/etc/ssl/certs/AffirmTrust_Networking.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 AffirmTrust_Premium.crt -> /opt/freeware/etc/ssl/certs/AffirmTrust_Premium.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 AffirmTrust_Premium_ECC.crt -> /opt/freeware/etc/ssl/certs/AffirmTrust_Premium_ECC.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Amazon_Root_CA_1.crt -> /opt/freeware/etc/ssl/certs/Amazon_Root_CA_1.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Amazon_Root_CA_2.crt -> /opt/freeware/etc/ssl/certs/Amazon_Root_CA_2.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Amazon_Root_CA_3.crt -> /opt/freeware/etc/ssl/certs/Amazon_Root_CA_3.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Amazon_Root_CA_4.crt -> /opt/freeware/etc/ssl/certs/Amazon_Root_CA_4.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 Atos_TrustedRoot_2011.crt -> /opt/freeware/etc/ssl/certs/Atos_TrustedRoot_2011.crt
lrwxrwxrwx 1 root system 89 Sep 05 10:04 Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt -> /opt/freeware/etc/ssl/certs/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt
lrwxrwxrwx 1 root system 57 Sep 05 10:04 Baltimore_CyberTrust_Root.crt -> /opt/freeware/etc/ssl/certs/Baltimore_CyberTrust_Root.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 Buypass_Class_2_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Buypass_Class_2_Root_CA.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 Buypass_Class_3_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Buypass_Class_3_Root_CA.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 CA_Disig_Root_R2.crt -> /opt/freeware/etc/ssl/certs/CA_Disig_Root_R2.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 CFCA_EV_ROOT.crt -> /opt/freeware/etc/ssl/certs/CFCA_EV_ROOT.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 COMODO_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/COMODO_Certification_Authority.crt
lrwxrwxrwx 1 root system 66 Sep 05 10:04 COMODO_ECC_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/COMODO_ECC_Certification_Authority.crt
lrwxrwxrwx 1 root system 66 Sep 05 10:04 COMODO_RSA_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/COMODO_RSA_Certification_Authority.crt
lrwxrwxrwx 1 root system 40 Sep 05 10:04 Certigna.crt -> /opt/freeware/etc/ssl/certs/Certigna.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Certigna_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Certigna_Root_CA.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Certum_EC-384_CA.crt -> /opt/freeware/etc/ssl/certs/Certum_EC-384_CA.crt
lrwxrwxrwx 1 root system 57 Sep 05 10:04 Certum_Trusted_Network_CA.crt -> /opt/freeware/etc/ssl/certs/Certum_Trusted_Network_CA.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 Certum_Trusted_Network_CA_2.crt -> /opt/freeware/etc/ssl/certs/Certum_Trusted_Network_CA_2.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 Certum_Trusted_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Certum_Trusted_Root_CA.crt
lrwxrwxrwx 1 root system 56 Sep 05 10:04 Comodo_AAA_Services_root.crt -> /opt/freeware/etc/ssl/certs/Comodo_AAA_Services_root.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 Cybertrust_Global_Root.crt -> /opt/freeware/etc/ssl/certs/Cybertrust_Global_Root.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 D-TRUST_Root_Class_3_CA_2_2009.crt -> /opt/freeware/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_2009.crt
lrwxrwxrwx 1 root system 65 Sep 05 10:04 D-TRUST_Root_Class_3_CA_2_EV_2009.crt -> /opt/freeware/etc/ssl/certs/D-TRUST_Root_Class_3_CA_2_EV_2009.crt
lrwxrwxrwx 1 root system 46 Sep 05 10:04 DST_Root_CA_X3.crt -> /opt/freeware/etc/ssl/certs/DST_Root_CA_X3.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 DigiCert_Assured_ID_Root_CA.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Assured_ID_Root_CA.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 DigiCert_Assured_ID_Root_G2.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Assured_ID_Root_G2.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 DigiCert_Assured_ID_Root_G3.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Assured_ID_Root_G3.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 DigiCert_Global_Root_CA.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Global_Root_CA.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 DigiCert_Global_Root_G2.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Global_Root_G2.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 DigiCert_Global_Root_G3.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Global_Root_G3.crt
lrwxrwxrwx 1 root system 66 Sep 05 10:04 DigiCert_High_Assurance_EV_Root_CA.crt -> /opt/freeware/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.crt
lrwxrwxrwx 1 root system 56 Sep 05 10:04 DigiCert_Trusted_Root_G4.crt -> /opt/freeware/etc/ssl/certs/DigiCert_Trusted_Root_G4.crt
lrwxrwxrwx 1 root system 63 Sep 05 10:04 E-Tugra_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/E-Tugra_Certification_Authority.crt
lrwxrwxrwx 1 root system 38 Sep 05 10:04 EC-ACC.crt -> /opt/freeware/etc/ssl/certs/EC-ACC.crt
lrwxrwxrwx 1 root system 73 Sep 05 10:04 Entrust.net_Premium_2048_Secure_Server_CA.crt -> /opt/freeware/etc/ssl/certs/Entrust.net_Premium_2048_Secure_Server_CA.crt
lrwxrwxrwx 1 root system 68 Sep 05 10:04 Entrust_Root_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/Entrust_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 74 Sep 05 10:04 Entrust_Root_Certification_Authority_-_EC1.crt -> /opt/freeware/etc/ssl/certs/Entrust_Root_Certification_Authority_-_EC1.crt
lrwxrwxrwx 1 root system 73 Sep 05 10:04 Entrust_Root_Certification_Authority_-_G2.crt -> /opt/freeware/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G2.crt
lrwxrwxrwx 1 root system 73 Sep 05 10:04 Entrust_Root_Certification_Authority_-_G4.crt -> /opt/freeware/etc/ssl/certs/Entrust_Root_Certification_Authority_-_G4.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 GDCA_TrustAUTH_R5_ROOT.crt -> /opt/freeware/etc/ssl/certs/GDCA_TrustAUTH_R5_ROOT.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 GLOBALTRUST_2020.crt -> /opt/freeware/etc/ssl/certs/GLOBALTRUST_2020.crt
lrwxrwxrwx 1 root system 43 Sep 05 10:04 GTS_Root_R1.crt -> /opt/freeware/etc/ssl/certs/GTS_Root_R1.crt
lrwxrwxrwx 1 root system 43 Sep 05 10:04 GTS_Root_R2.crt -> /opt/freeware/etc/ssl/certs/GTS_Root_R2.crt
lrwxrwxrwx 1 root system 43 Sep 05 10:04 GTS_Root_R3.crt -> /opt/freeware/etc/ssl/certs/GTS_Root_R3.crt
lrwxrwxrwx 1 root system 43 Sep 05 10:04 GTS_Root_R4.crt -> /opt/freeware/etc/ssl/certs/GTS_Root_R4.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 GlobalSign_ECC_Root_CA_-_R4.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R4.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 GlobalSign_ECC_Root_CA_-_R5.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_ECC_Root_CA_-_R5.crt
lrwxrwxrwx 1 root system 50 Sep 05 10:04 GlobalSign_Root_CA.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_CA.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 GlobalSign_Root_CA_-_R2.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_CA_-_R2.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 GlobalSign_Root_CA_-_R3.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_CA_-_R3.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 GlobalSign_Root_CA_-_R6.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_CA_-_R6.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 GlobalSign_Root_E46.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_E46.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 GlobalSign_Root_R46.crt -> /opt/freeware/etc/ssl/certs/GlobalSign_Root_R46.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 Go_Daddy_Class_2_CA.crt -> /opt/freeware/etc/ssl/certs/Go_Daddy_Class_2_CA.crt
lrwxrwxrwx 1 root system 72 Sep 05 10:04 Go_Daddy_Root_Certificate_Authority_-_G2.crt -> /opt/freeware/etc/ssl/certs/Go_Daddy_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 HARICA_TLS_ECC_Root_CA_2021.crt -> /opt/freeware/etc/ssl/certs/HARICA_TLS_ECC_Root_CA_2021.crt
lrwxrwxrwx 1 root system 59 Sep 05 10:04 HARICA_TLS_RSA_Root_CA_2021.crt -> /opt/freeware/etc/ssl/certs/HARICA_TLS_RSA_Root_CA_2021.crt
lrwxrwxrwx 1 root system 91 Sep 05 10:04 Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt -> /opt/freeware/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt
lrwxrwxrwx 1 root system 87 Sep 05 10:04 Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt -> /opt/freeware/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
lrwxrwxrwx 1 root system 87 Sep 05 10:04 Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt -> /opt/freeware/etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 Hongkong_Post_Root_CA_1.crt -> /opt/freeware/etc/ssl/certs/Hongkong_Post_Root_CA_1.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 Hongkong_Post_Root_CA_3.crt -> /opt/freeware/etc/ssl/certs/Hongkong_Post_Root_CA_3.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 ISRG_Root_X1.crt -> /opt/freeware/etc/ssl/certs/ISRG_Root_X1.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 IdenTrust_Commercial_Root_CA_1.crt -> /opt/freeware/etc/ssl/certs/IdenTrust_Commercial_Root_CA_1.crt
lrwxrwxrwx 1 root system 65 Sep 05 10:04 IdenTrust_Public_Sector_Root_CA_1.crt -> /opt/freeware/etc/ssl/certs/IdenTrust_Public_Sector_Root_CA_1.crt
lrwxrwxrwx 1 root system 42 Sep 05 10:04 Izenpe.com.crt -> /opt/freeware/etc/ssl/certs/Izenpe.com.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 Microsec_e-Szigno_Root_CA_2009.crt -> /opt/freeware/etc/ssl/certs/Microsec_e-Szigno_Root_CA_2009.crt
lrwxrwxrwx 1 root system 77 Sep 05 10:04 Microsoft_ECC_Root_Certificate_Authority_2017.crt -> /opt/freeware/etc/ssl/certs/Microsoft_ECC_Root_Certificate_Authority_2017.crt
lrwxrwxrwx 1 root system 77 Sep 05 10:04 Microsoft_RSA_Root_Certificate_Authority_2017.crt -> /opt/freeware/etc/ssl/certs/Microsoft_RSA_Root_Certificate_Authority_2017.crt
lrwxrwxrwx 1 root system 73 Sep 05 10:04 NAVER_Global_Root_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/NAVER_Global_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 72 Sep 05 10:04 NetLock_Arany_=Class_Gold=_Fotanusitvany.crt -> /opt/freeware/etc/ssl/certs/NetLock_Arany_=Class_Gold=_Fotanusitvany.crt
lrwxrwxrwx 1 root system 71 Sep 05 10:04 Network_Solutions_Certificate_Authority.crt -> /opt/freeware/etc/ssl/certs/Network_Solutions_Certificate_Authority.crt
lrwxrwxrwx 1 root system 63 Sep 05 10:04 OISTE_WISeKey_Global_Root_GB_CA.crt -> /opt/freeware/etc/ssl/certs/OISTE_WISeKey_Global_Root_GB_CA.crt
lrwxrwxrwx 1 root system 63 Sep 05 10:04 OISTE_WISeKey_Global_Root_GC_CA.crt -> /opt/freeware/etc/ssl/certs/OISTE_WISeKey_Global_Root_GC_CA.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 QuoVadis_Root_CA_1_G3.crt -> /opt/freeware/etc/ssl/certs/QuoVadis_Root_CA_1_G3.crt
lrwxrwxrwx 1 root system 50 Sep 05 10:04 QuoVadis_Root_CA_2.crt -> /opt/freeware/etc/ssl/certs/QuoVadis_Root_CA_2.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 QuoVadis_Root_CA_2_G3.crt -> /opt/freeware/etc/ssl/certs/QuoVadis_Root_CA_2_G3.crt
lrwxrwxrwx 1 root system 50 Sep 05 10:04 QuoVadis_Root_CA_3.crt -> /opt/freeware/etc/ssl/certs/QuoVadis_Root_CA_3.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 QuoVadis_Root_CA_3_G3.crt -> /opt/freeware/etc/ssl/certs/QuoVadis_Root_CA_3_G3.crt
lrwxrwxrwx 1 root system 75 Sep 05 10:04 SSL.com_EV_Root_Certification_Authority_ECC.crt -> /opt/freeware/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_ECC.crt
lrwxrwxrwx 1 root system 78 Sep 05 10:04 SSL.com_EV_Root_Certification_Authority_RSA_R2.crt -> /opt/freeware/etc/ssl/certs/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt
lrwxrwxrwx 1 root system 72 Sep 05 10:04 SSL.com_Root_Certification_Authority_ECC.crt -> /opt/freeware/etc/ssl/certs/SSL.com_Root_Certification_Authority_ECC.crt
lrwxrwxrwx 1 root system 72 Sep 05 10:04 SSL.com_Root_Certification_Authority_RSA.crt -> /opt/freeware/etc/ssl/certs/SSL.com_Root_Certification_Authority_RSA.crt
lrwxrwxrwx 1 root system 47 Sep 05 10:04 SZAFIR_ROOT_CA2.crt -> /opt/freeware/etc/ssl/certs/SZAFIR_ROOT_CA2.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 SecureSign_RootCA11.crt -> /opt/freeware/etc/ssl/certs/SecureSign_RootCA11.crt
lrwxrwxrwx 1 root system 46 Sep 05 10:04 SecureTrust_CA.crt -> /opt/freeware/etc/ssl/certs/SecureTrust_CA.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 Secure_Global_CA.crt -> /opt/freeware/etc/ssl/certs/Secure_Global_CA.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 Security_Communication_RootCA2.crt -> /opt/freeware/etc/ssl/certs/Security_Communication_RootCA2.crt
lrwxrwxrwx 1 root system 62 Sep 05 10:04 Security_Communication_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Security_Communication_Root_CA.crt
lrwxrwxrwx 1 root system 64 Sep 05 10:04 Staat_der_Nederlanden_EV_Root_CA.crt -> /opt/freeware/etc/ssl/certs/Staat_der_Nederlanden_EV_Root_CA.crt
lrwxrwxrwx 1 root system 52 Sep 05 10:04 Starfield_Class_2_CA.crt -> /opt/freeware/etc/ssl/certs/Starfield_Class_2_CA.crt
lrwxrwxrwx 1 root system 73 Sep 05 10:04 Starfield_Root_Certificate_Authority_-_G2.crt -> /opt/freeware/etc/ssl/certs/Starfield_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 82 Sep 05 10:04 Starfield_Services_Root_Certificate_Authority_-_G2.crt -> /opt/freeware/etc/ssl/certs/Starfield_Services_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 SwissSign_Gold_CA_-_G2.crt -> /opt/freeware/etc/ssl/certs/SwissSign_Gold_CA_-_G2.crt
lrwxrwxrwx 1 root system 56 Sep 05 10:04 SwissSign_Silver_CA_-_G2.crt -> /opt/freeware/etc/ssl/certs/SwissSign_Silver_CA_-_G2.crt
lrwxrwxrwx 1 root system 60 Sep 05 10:04 T-TeleSec_GlobalRoot_Class_2.crt -> /opt/freeware/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2.crt
lrwxrwxrwx 1 root system 60 Sep 05 10:04 T-TeleSec_GlobalRoot_Class_3.crt -> /opt/freeware/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_3.crt
lrwxrwxrwx 1 root system 77 Sep 05 10:04 TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt -> /opt/freeware/etc/ssl/certs/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 TWCA_Global_Root_CA.crt -> /opt/freeware/etc/ssl/certs/TWCA_Global_Root_CA.crt
lrwxrwxrwx 1 root system 65 Sep 05 10:04 TWCA_Root_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/TWCA_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 TeliaSonera_Root_CA_v1.crt -> /opt/freeware/etc/ssl/certs/TeliaSonera_Root_CA_v1.crt
lrwxrwxrwx 1 root system 46 Sep 05 10:04 TrustCor_ECA-1.crt -> /opt/freeware/etc/ssl/certs/TrustCor_ECA-1.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 TrustCor_RootCert_CA-1.crt -> /opt/freeware/etc/ssl/certs/TrustCor_RootCert_CA-1.crt
lrwxrwxrwx 1 root system 54 Sep 05 10:04 TrustCor_RootCert_CA-2.crt -> /opt/freeware/etc/ssl/certs/TrustCor_RootCert_CA-2.crt
lrwxrwxrwx 1 root system 72 Sep 05 10:04 Trustwave_Global_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/Trustwave_Global_Certification_Authority.crt
lrwxrwxrwx 1 root system 81 Sep 05 10:04 Trustwave_Global_ECC_P256_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/Trustwave_Global_ECC_P256_Certification_Authority.crt
lrwxrwxrwx 1 root system 81 Sep 05 10:04 Trustwave_Global_ECC_P384_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/Trustwave_Global_ECC_P384_Certification_Authority.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 TunTrust_Root_CA.crt -> /opt/freeware/etc/ssl/certs/TunTrust_Root_CA.crt
lrwxrwxrwx 1 root system 60 Sep 05 10:04 UCA_Extended_Validation_Root.crt -> /opt/freeware/etc/ssl/certs/UCA_Extended_Validation_Root.crt
lrwxrwxrwx 1 root system 50 Sep 05 10:04 UCA_Global_G2_Root.crt -> /opt/freeware/etc/ssl/certs/UCA_Global_G2_Root.crt
lrwxrwxrwx 1 root system 69 Sep 05 10:04 USERTrust_ECC_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/USERTrust_ECC_Certification_Authority.crt
lrwxrwxrwx 1 root system 69 Sep 05 10:04 USERTrust_RSA_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/USERTrust_RSA_Certification_Authority.crt
lrwxrwxrwx 1 root system 52 Sep 05 10:04 XRamp_Global_CA_Root.crt -> /opt/freeware/etc/ssl/certs/XRamp_Global_CA_Root.crt
lrwxrwxrwx 1 root system 15 Sep 05 10:04 a3418fda.0 -> GTS_Root_R4.crt
lrwxrwxrwx 1 root system 13 Sep 05 10:04 a94d09e5.0 -> ACCVRAIZ1.crt
lrwxrwxrwx 1 root system 45 Sep 05 10:04 aee5f10d.0 -> Entrust.net_Premium_2048_Secure_Server_CA.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 b0e59380.0 -> GlobalSign_ECC_Root_CA_-_R4.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 b1159c4c.0 -> DigiCert_Assured_ID_Root_CA.crt
lrwxrwxrwx 1 root system 29 Sep 05 10:04 b433981b.0 -> ANF_Secure_Server_Root_CA.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 b66938e9.0 -> Secure_Global_CA.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 b727005e.0 -> AffirmTrust_Premium.crt
lrwxrwxrwx 1 root system 37 Sep 05 10:04 b7a5b843.0 -> TWCA_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 39 Sep 05 10:04 b81b93f0.0 -> AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.crt
lrwxrwxrwx 1 root system 49 Sep 05 10:04 bf53fb88.0 -> Microsoft_RSA_Root_Certificate_Authority_2017.crt
lrwxrwxrwx 1 root system 22 Sep 05 10:04 c01eb047.0 -> UCA_Global_G2_Root.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 c28a8a30.0 -> D-TRUST_Root_Class_3_CA_2_2009.crt
lrwxrwxrwx 1 root system 41 Sep 05 10:04 ca-bundle.crt -> /opt/freeware/etc/ssl/certs/ca-bundle.crt
lrwxrwxrwx 1 root system 47 Sep 05 10:04 ca-bundle.trust.crt -> /opt/freeware/etc/ssl/certs/ca-bundle.trust.crt
lrwxrwxrwx 1 root system 37 Sep 05 10:04 ca6e4ad9.0 -> ePKI_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 cbf06781.0 -> Go_Daddy_Root_Certificate_Authority_-_G2.crt
lrwxrwxrwx 1 root system 14 Sep 05 10:04 cc450945.0 -> Izenpe.com.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 cd58d51e.0 -> Security_Communication_RootCA2.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 cd8c0d63.0 -> AC_RAIZ_FNMT-RCM.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 ce5e74ef.0 -> Amazon_Root_CA_1.crt
lrwxrwxrwx 1 root system 48 Sep 05 10:04 certSIGN_ROOT_CA.crt -> /opt/freeware/etc/ssl/certs/certSIGN_ROOT_CA.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 certSIGN_Root_CA_G2.crt -> /opt/freeware/etc/ssl/certs/certSIGN_Root_CA_G2.crt
lrwxrwxrwx 1 root system 37 Sep 05 10:04 d4dae3dd.0 -> D-TRUST_Root_Class_3_CA_2_EV_2009.crt
lrwxrwxrwx 1 root system 38 Sep 05 10:04 d6325660.0 -> COMODO_RSA_Certification_Authority.crt
lrwxrwxrwx 1 root system 22 Sep 05 10:04 d7e8dc79.0 -> QuoVadis_Root_CA_2.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 d887a5bb.0 -> Trustwave_Global_ECC_P384_Certification_Authority.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 dc4d6a89.0 -> GlobalSign_Root_CA_-_R6.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 dd8e9d41.0 -> DigiCert_Global_Root_G3.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 de6d66f3.0 -> Amazon_Root_CA_4.crt
lrwxrwxrwx 1 root system 53 Sep 05 10:04 e-Szigno_Root_CA_2017.crt -> /opt/freeware/etc/ssl/certs/e-Szigno_Root_CA_2017.crt
lrwxrwxrwx 1 root system 12 Sep 05 10:04 e113c810.0 -> Certigna.crt
lrwxrwxrwx 1 root system 25 Sep 05 10:04 e18bfb83.0 -> QuoVadis_Root_CA_3_G3.crt
lrwxrwxrwx 1 root system 26 Sep 05 10:04 e35234b1.0 -> Certum_Trusted_Root_CA.crt
lrwxrwxrwx 1 root system 25 Sep 05 10:04 e36a6752.0 -> Atos_TrustedRoot_2011.crt
lrwxrwxrwx 1 root system 35 Sep 05 10:04 e73d606e.0 -> OISTE_WISeKey_Global_Root_GB_CA.crt
lrwxrwxrwx 1 root system 25 Sep 05 10:04 e868b802.0 -> e-Szigno_Root_CA_2017.crt
lrwxrwxrwx 1 root system 27 Sep 05 10:04 e8de2f56.0 -> Buypass_Class_3_Root_CA.crt
lrwxrwxrwx 1 root system 65 Sep 05 10:04 ePKI_Root_Certification_Authority.crt -> /opt/freeware/etc/ssl/certs/ePKI_Root_Certification_Authority.crt
lrwxrwxrwx 1 root system 31 Sep 05 10:04 ecccd8db.0 -> HARICA_TLS_ECC_Root_CA_2021.crt
lrwxrwxrwx 1 root system 28 Sep 05 10:04 ee64a828.0 -> Comodo_AAA_Services_root.crt
lrwxrwxrwx 1 root system 38 Sep 05 10:04 eed8c118.0 -> COMODO_ECC_Certification_Authority.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 ef954a4e.0 -> IdenTrust_Commercial_Root_CA_1.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 emSign_ECC_Root_CA_-_C3.crt -> /opt/freeware/etc/ssl/certs/emSign_ECC_Root_CA_-_C3.crt
lrwxrwxrwx 1 root system 55 Sep 05 10:04 emSign_ECC_Root_CA_-_G3.crt -> /opt/freeware/etc/ssl/certs/emSign_ECC_Root_CA_-_G3.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 emSign_Root_CA_-_C1.crt -> /opt/freeware/etc/ssl/certs/emSign_Root_CA_-_C1.crt
lrwxrwxrwx 1 root system 51 Sep 05 10:04 emSign_Root_CA_-_G1.crt -> /opt/freeware/etc/ssl/certs/emSign_Root_CA_-_G1.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 f081611a.0 -> Go_Daddy_Class_2_CA.crt
lrwxrwxrwx 1 root system 47 Sep 05 10:04 f0c70a8d.0 -> SSL.com_EV_Root_Certification_Authority_ECC.crt
lrwxrwxrwx 1 root system 44 Sep 05 10:04 f249de83.0 -> Trustwave_Global_Certification_Authority.crt
lrwxrwxrwx 1 root system 41 Sep 05 10:04 f30dd6ad.0 -> USERTrust_ECC_Certification_Authority.crt
lrwxrwxrwx 1 root system 34 Sep 05 10:04 f3377b1b.0 -> Security_Communication_Root_CA.crt
lrwxrwxrwx 1 root system 24 Sep 05 10:04 f387163d.0 -> Starfield_Class_2_CA.crt
lrwxrwxrwx 1 root system 18 Sep 05 10:04 f39fc864.0 -> SecureTrust_CA.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 f51bb24c.0 -> Certigna_Root_CA.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 fa5da96b.0 -> GLOBALTRUST_2020.crt
lrwxrwxrwx 1 root system 41 Sep 05 10:04 fc5a8f99.0 -> USERTrust_RSA_Certification_Authority.crt
lrwxrwxrwx 1 root system 20 Sep 05 10:04 fd64f3fc.0 -> TunTrust_Root_CA.crt
lrwxrwxrwx 1 root system 19 Sep 05 10:04 fe8a2cd8.0 -> SZAFIR_ROOT_CA2.crt
lrwxrwxrwx 1 root system 23 Sep 05 10:04 feffd413.0 -> GlobalSign_Root_E46.crt
lrwxrwxrwx 1 root system 49 Sep 05 10:04 ff34af3f.0 -> TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt
------------------------------
Nicolas KAPLIN
------------------------------
Original Message:
Sent: Wed September 07, 2022 09:08 AM
From: Ayappan P
Subject: YUM error in https : [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Can you share the below two outputs ?
ls -l /var/ssl
ls -l /var/ssl/certs
------------------------------
Ayappan P
Original Message:
Sent: Wed September 07, 2022 08:45 AM
From: Nicolas KAPLIN
Subject: YUM error in https : [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Hello Ayappan,
We checked the hashes created , seems to be ok:
Hash file a94d09e5.0 correpond to the following cert
- /var/ssl/certs/ca-bundle.crt
- /var/ssl/certs/ACCVRAIZ1.crt
- /var/ssl/certs/ca-bundle.trust.crt
------------------------------
Nicolas KAPLIN
Original Message:
Sent: Wed September 07, 2022 04:45 AM
From: Ayappan P
Subject: YUM error in https : [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Users had issues with ca-certificates sometime back. We fixed those issues with the ca-certificates version 2021.2.52-3.
So I am not sure what is the problem here. Please check whether the hashes are created in /var/ssl/certs directory.
------------------------------
Ayappan P
Original Message:
Sent: Mon September 05, 2022 04:55 AM
From: Nicolas KAPLIN
Subject: YUM error in https : [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Hello,
When we try yum list sudo for example, we have an error:
anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml:">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again
We can bypass this error with http (instead of https) or sslverify=false
So We tried to reinstall CA:
yum reinstall ca-certificates -y
Setting up Reinstall Process
AIX_Toolbox | 2.7 kB 00:00:00
AIX_Toolbox/primary_db | 3.1 MB 00:00:00
AIX_Toolbox_72 | 2.7 kB 00:00:00
AIX_Toolbox_72/primary_db | 375 kB 00:00:00
AIX_Toolbox_noarch | 2.6 kB 00:00:00
AIX_Toolbox_noarch/primary_db | 111 kB 00:00:00
Resolving Dependencies
--> Running transaction check
---> Package ca-certificates.ppc 0:2021.2.52-3 will be reinstalled
--> Finished Dependency Resolution
yum clean all
but we still have the error...
When we try ssl connection:
/usr/bin/openssl s_client -showcerts -connect public.dhe.ibm.com:443
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1662362491
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
we have a code 19
We tried to replace the CA-bundle.crt with a one who works and we have a code zero with ssl conection:
openssl s_client -connect github.com:443 = OK
openssl s_client -connect 129.35.224.112/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata.xml:443 = OK
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1662366043
Timeout : 300 (sec)
Verify return code: 0 (ok)
We made a yum clean all after that but we still have an error with yum list sudo
yum -t list sudo
anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml:">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#60 - "SSL certificate problem: self signed certificate in certificate chain"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again
Why, do we have an ssl problem, with the CA-bundle.crt , it is generated with ca-certificates from IBM ?
Thank you for your help
regards
Nicolas
------------------------------
Nicolas KAPLIN
------------------------------