Clear Linux OS Forum

Expired Certificate used in mix

General Discussion

btsvinningen August 4, 2020, 8:46am 1

We have a mix server that was set up about a year ago, and clients have been installed using this mix.
The problem is that the certificate (xxx_Root.pem) have expired.

Did a test creating a new fresh mix with mixer init and it seems the default valid time for the certificate is 1 year, which explains why we are having the problem now.

        Validity
            Not Before: Jul 15 06:11:19 2019 GMT
            Not After : Jul 15 06:11:19 2020 GMT

Are there some procedure or documented way to update the certificates ? Both on the client installations and the mix server ?

Also, will there be a problem that certain mix versions have one certificate and the later ones suddenly have a new certificate…or is it possible at all ?

Advice here is highly appreciated.

Regards
Bjørn Tore.

btsvinningen August 5, 2020, 6:40am 2

Solved it by generating new certificates, replaced the ones on the mix server, bumped version and built new mix, and then updated the clients using swupd update --nosigcheck.

If there are some other or better way to solve this it would be interesting to hear what that might be.

Regards
Bjørn Tore.

2 Likes

Topic		Replies	Views	Activity
Certificate expired on: https://clearlinux.org/ Developer Discussion	4	455	October 12, 2023
Check of signature files General Discussion	2	451	August 3, 2020
To mix maintainers: swupd is now enforcing signature of latest file News and Announcements	1	737	June 23, 2020
Custom mixer repo problems Developer Discussion	1	266	January 26, 2024
Unable to resolve package errors when building mix bundles Developer Discussion	6	783	January 12, 2020