why in the world would anybody want to remove it? this has clearly dependency impact "yum reinstall ca-certificates" is your friend Am 01.11.2013 21:30, schrieb bruce: > ooopps... > > when I run rpm -qV ca-certificates > > I get > > rpm -qV ca-certificates > S.5....T. c /etc/pki/tls/certs/ca-bundle.crt > > when I try to do yum erase ca-certificates.. yum offers to remove a > bunch of things!! > > [root@dell-1 parseapp2]# rpm -e ca-certificates > error: Failed dependencies: > ca-certificates is needed by (installed) qt-1:4.6.3-10.fc13.x86_64 > ca-certificates is needed by (installed) neon-0.29.3-1.fc13.x86_64 > ca-certificates is needed by (installed) > java-1.6.0-openjdk-1:1.6.0.0-51.1.8.8.fc13.x86_64 > ca-certificates is needed by (installed) qt-1:4.6.3-10.fc13.i686 > ca-certificates is needed by (installed) libpurple-2.7.11-1.fc13.x86_64 > ca-certificates >= 2008-5 is needed by (installed) > openssl-1.0.0d-1.fc13.x86_64 > ca-certificates >= 2008-5 is needed by (installed) > openssl-1.0.0d-1.fc13.i686 > > thoughts?? > > thanks > > > On Fri, Nov 1, 2013 at 4:12 PM, Michael Cronenworth <mike@xxxxxxxxxx> wrote: >> bruce wrote: >>> >>> I tried to extract the pem as you suggested, placed it in a diff dir.. >>> it works... >>> >>> So I've got a couple of questions... How did you know which cert/pem >>> file to extract? Why didn't my attempt at getting the cert from the >>> "lock" of the url/address for the smc.edu site not work? >> >> >> I read the "Issued By" line: >> >> * Peer's certificate issuer is not recognized: 'CN=VeriSign Class 3 >> International Server CA - G3,OU=Terms of use at >> https://www.verisign.com/rpa (c)10,OU=VeriSign Trust >> Network,O="VeriSign, Inc.",C=US' >> >> You downloaded the client certificate that is signed by the CA certificate. >> In order for curl/NSS to validate the client certificate it needs the CA >> certificate and not the client certificate. >> >> >>> >>> Also, any idea what I can do regarding the access/path errors I >>> mentioned... >> >> >> In regards to your private mail, I do not know why you are seeing errors. >> You may have damanged the cert databases in /etc/pki/nssdb, which are empty >> by default, but are still used during CA checking. >> >> You can verify the ca-bundle is unharmed by running "rpm -qV >> ca-certificates". Nothing should print to your terminal if it verifies >> successfully.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
