diff options
| -rwxr-xr-x | data/live-build-config/hooks/live/00-update-letsencrypt-root-ca.chroot | 7 | ||||
| -rw-r--r-- | docker/Dockerfile | 9 |
2 files changed, 16 insertions, 0 deletions
diff --git a/data/live-build-config/hooks/live/00-update-letsencrypt-root-ca.chroot b/data/live-build-config/hooks/live/00-update-letsencrypt-root-ca.chroot new file mode 100755 index 00000000..d27cc12c --- /dev/null +++ b/data/live-build-config/hooks/live/00-update-letsencrypt-root-ca.chroot @@ -0,0 +1,7 @@ +#!/bin/sh + +echo I: Un-trust old LetsEncrypt root +sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf +echo I: Update CA certificates +update-ca-certificates + diff --git a/docker/Dockerfile b/docker/Dockerfile index 238229d0..221de785 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -73,6 +73,15 @@ RUN apt-get update && apt-get install -y \ grub2 # +# The LetsEncrypt root certificate expired - we need to install the new ones +# +RUN apt-get update && apt-get install -y ca-certificates +# Un-trust the old certificate +RUN sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf +# Update CA store +RUN update-ca-certificates + +# # Setup Debian Jessie Backports repository # COPY no--check-valid-until /etc/apt/apt.conf.d/ |