Apt-Get 更新因证书验证而失败

tag-icon tag-icon certificate apt update ubuntu-20.04
Apt-Get 更新因证书验证而失败

使用 Ubuntu Focal fossa。我试图安装用于 VPN 的 checkpoint ssl 软件,但似乎有些东西弄乱了我的所有证书。现在,每当我尝试

sudo apt-get update

我收到以下错误。

Get:1 file:/var/cudnn-local-repo-ubuntu2004-8.3.1.22  InRelease
Ign:1 file:/var/cudnn-local-repo-ubuntu2004-8.3.1.22  InRelease
Get:2 file:/var/cudnn-local-repo-ubuntu2004-8.3.1.22  Release [564 B]
Get:2 file:/var/cudnn-local-repo-ubuntu2004-8.3.1.22  Release [564 B]
Ign:3 https://dl.google.com/linux/chrome/deb stable InRelease
Ign:4 https://gitlab.com/feren-os/feren-repositories-neon-focal/raw/master stable InRelease        
Err:5 https://dl.google.com/linux/chrome/deb stable Release                                        
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 74.125.68.91 443]
Ign:6 https://dl.winehq.org/wine-builds/ubuntu focal InRelease                                     
Ign:7 https://gitlab.com/feren-os/feren-repositories-focal/raw/master stable InRelease             
Err:8 https://dl.winehq.org/wine-builds/ubuntu focal Release                                       
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 199.232.46.217 443]
Ign:9 https://packages.microsoft.com/repos/azure-cli focal InRelease                               
Err:10 https://gitlab.com/feren-os/feren-repositories-neon-focal/raw/master stable Release         
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 172.65.251.78 443]
Ign:11 https://packages.microsoft.com/repos/ms-teams stable InRelease                              
Err:12 https://gitlab.com/feren-os/feren-repositories-focal/raw/master stable Release              
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 172.65.251.78 443]
Err:13 https://packages.microsoft.com/repos/azure-cli focal Release                                
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 40.65.182.21 443]
Ign:14 https://download.docker.com/linux/ubuntu focal InRelease                                    
Ign:15 https://desktop-download.mendeley.com/download/apt stable InRelease                         
Err:16 https://packages.microsoft.com/repos/ms-teams stable Release                                
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 40.65.182.21 443]
Err:17 https://download.docker.com/linux/ubuntu focal Release                                      
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 13.33.33.8 443]
Err:19 https://desktop-download.mendeley.com/download/apt stable Release                           
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 162.159.130.86 443]
Ign:20 https://packagecloud.io/AtomEditor/atom/any any InRelease                                   
Ign:21 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease       
Err:22 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  Release         
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 152.199.39.144 443]
Hit:23 http://archive.ubuntu.com/ubuntu focal InRelease                                            
Hit:24 http://archive.canonical.com/ubuntu focal InRelease                                         
Ign:25 http://repo.vivaldi.com/stable/deb stable InRelease                                         
Hit:26 http://repo.vivaldi.com/stable/deb stable Release                                           
Hit:27 http://deb.volian.org/volian scar InRelease                                                 
Get:28 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]                           
Hit:29 http://ppa.launchpad.net/alessandro-strada/ppa/ubuntu focal InRelease                       
Err:30 https://packagecloud.io/AtomEditor/atom/any any Release                                     
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 52.52.107.175 443]
Get:31 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]                         
Hit:33 http://ppa.launchpad.net/inkscape.dev/stable/ubuntu focal InRelease                         
Get:34 http://archive.ubuntu.com/ubuntu focal-backports InRelease [108 kB]                  
Reading package lists... Done                                        
W: https://dl.google.com/linux/chrome/deb/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
W: https://gitlab.com/feren-os/feren-repositories-neon-focal/raw/master/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
W: https://dl.google.com/linux/chrome/deb/dists/stable/Release: No system certificates available. Try installing ca-certificates.
W: https://dl.winehq.org/wine-builds/ubuntu/dists/focal/InRelease: No system certificates available. Try installing ca-certificates.
W: https://gitlab.com/feren-os/feren-repositories-focal/raw/master/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
E: The repository 'https://dl.google.com/linux/chrome/deb stable Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://dl.winehq.org/wine-builds/ubuntu/dists/focal/Release: No system certificates available. Try installing ca-certificates.
W: https://packages.microsoft.com/repos/azure-cli/dists/focal/InRelease: No system certificates available. Try installing ca-certificates.
E: The repository 'https://dl.winehq.org/wine-builds/ubuntu focal Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://gitlab.com/feren-os/feren-repositories-neon-focal/raw/master/dists/stable/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://gitlab.com/feren-os/feren-repositories-neon-focal/raw/master stable Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://packages.microsoft.com/repos/ms-teams/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
W: https://gitlab.com/feren-os/feren-repositories-focal/raw/master/dists/stable/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://gitlab.com/feren-os/feren-repositories-focal/raw/master stable Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://packages.microsoft.com/repos/azure-cli/dists/focal/Release: No system certificates available. Try installing ca-certificates.
W: https://download.docker.com/linux/ubuntu/dists/focal/InRelease: No system certificates available. Try installing ca-certificates.
E: The repository 'https://packages.microsoft.com/repos/azure-cli focal Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://desktop-download.mendeley.com/download/apt/dists/stable/InRelease: No system certificates available. Try installing ca-certificates.
W: https://packages.microsoft.com/repos/ms-teams/dists/stable/Release: No system certificates available. Try installing ca-certificates.
W: https://download.docker.com/linux/ubuntu/dists/focal/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://packages.microsoft.com/repos/ms-teams stable Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'https://download.docker.com/linux/ubuntu focal Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://desktop-download.mendeley.com/download/apt/dists/stable/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://desktop-download.mendeley.com/download/apt stable Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://packagecloud.io/AtomEditor/atom/any/dists/any/InRelease: No system certificates available. Try installing ca-certificates.
W: https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/InRelease: No system certificates available. Try installing ca-certificates.
W: https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://packagecloud.io/AtomEditor/atom/any/dists/any/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://packagecloud.io/AtomEditor/atom/any any Release' no longer has a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.

出路是什么?除了重新安装一切之外,还有什么其他选择吗?

N: See apt-secure(8) manpage for repository creation and user configuration details.
N: Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://deb.volian.org/volian scar InRelease' doesn't support architecture 'i386'

答案1

  1. 下载软件包ca 证书从 Ubuntu 存储库手动下载。您可以使用 wget 下载wget --no-check-certificate http://security.ubuntu.com/ubuntu/pool/main/c/ca-certificates/ca-certificates_20210119~20.04.2_all.deb

  2. 运行dpkg -r --force-depends ca-certificates以删除旧包和没有内容的最终文件。

  3. 运行dpkg -i ca-certificates_20210119~20.04.2_all.deb以安装该包。

这应该会让你在证书方面有一个或多或少的干净的记录。

请注意:不要使用wget上面的命令;请从以下位置找到适用于你的 Ubuntu 版本的最新软件包packages.ubuntu.com. 这些事情确实会改变。

答案2

可以通过以下链接以不同的方式解决这个问题:

https://askubuntu.com/questions/1095266/apt-get-update-failed-because-certificate-verification-failed-because-handshake

答案3

在我的情况下,ubuntu 存储库可以正常工作,但所有第三方存储库都因证书错误而失败。例如,virtualbox、teamviewer 和 brave browser apt 存储库出现证书错误:

Err:1 https://brave-browser-apt-release.s3.brave.com stable InRelease
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 108.158.147.42 443]
Err:8 https://download.docker.com/linux/ubuntu jammy InRelease                                                                             
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 52.84.83.46 443]
Err:9 https://linux.teamviewer.com/deb stable InRelease                                                                                    
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 13.227.97.115 443]
Err:10 https://download.virtualbox.org/virtualbox/debian jammy InRelease                                                                   
  Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 23.40.56.91 443]
Fetched 5.535 B in 18s (306 B/s)                                                                                                           
Reading package lists... Done

我刚刚做了以下操作并解决了这个问题:

sudo apt reinstall ca-certificates

这是 Ubuntu 22.04 (jammy)。

答案4

就我而言,链接自的证书/etc/ssl/certs已损坏。我在创建时发现了此问题,/etc/apt/apt.conf.d/80-ssl-exceptions行号为Acquire::https::<server>::CaInfo "/etc/ssl/certs/ca-certificates.crt";。执行后sudo apt update出现错误消息Could not load certificates from /etc/ssl/certs/ca-certificates.crt (CaInfo option): ASN1-Parser: error in implicit tag.

删除证书并重新安装ca-certificatessudo apt reinstall ca-certificates)后,更新过程正常。

相关内容