Closed Fainzeraier closed 2 years ago
Thanks for reporting. I was able to reproduce a simmilar error on one of my test environments:
apt update
Hit:1 http://deb.debian.org/debian stretch-backports InRelease
Hit:2 http://security.debian.org stretch/updates InRelease
Hit:3 http://deb.debian.org/debian unstable InRelease
Hit:4 http://ftp.debian.org/debian stretch-backports InRelease
Ign:5 http://mirrors.digitalocean.com/debian stretch InRelease
Hit:6 http://mirrors.digitalocean.com/debian stretch-updates InRelease
Hit:7 http://mirrors.digitalocean.com/debian stretch Release
Hit:8 https://repos.influxdata.com/debian stretch InRelease
Ign:9 https://artifacts.chirpstack.io/packages/3.x/deb stable InRelease
Ign:10 https://artifacts.chirpstack.io/packages/3.x/deb testing InRelease
Err:11 https://artifacts.chirpstack.io/packages/3.x/deb stable Release
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Err:12 https://artifacts.chirpstack.io/packages/3.x/deb testing Release
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Reading package lists... Done
E: The repository 'https://artifacts.chirpstack.io/packages/3.x/deb stable Release' does no longer have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'https://artifacts.chirpstack.io/packages/3.x/deb testing Release' does no longer have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
After spending about an hour on looking at the wrong place (I was assuming this was because of the apt signing key which was causing this, but this has an expiration of 1-1-2022), I noticed this was not because of this but because of the Lets Encrypt certificate.
There is nothing wrong with the certificate of https://artifacts.chirpstack.io/
(generated by Lets Encrypt), but the Lets Encrypt root certificate has expired: https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c/69403278#69403278. These certificates must be present on your host machine in order to validate that the certificate used for https://artifacts.chirpstack.io/
is authentic.
In my case, the following sequence of commands solved the issue:
# this will show some errors
sudo apt update
# this will install all upgradable packages and updates the CA certificates including the Lets Encrypt certificate
sudo apt upgrade
# this will update the ChirpStack repository
apt update
# now you can upgrade the ChirpStack packages
apt upgrade
If that doesn't work, you could also try the comment posted in https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c/69403278#69403278
For those having issues due to this, but unrelated to github, the following worked for me while following this comment stackoverflow.com/a/24492364/14633782: sudo apt-get install apt-transport-https ca-certificates -y sudo update-ca-certificates – Keipi Oct 1 at 10:17
Thank you for the quick response. The update and upgrade commands weren't enough to solve the issue for me, but I got the installation to work eventually after trying that stackoverflow solution, then running update and upgrade, and also rebooting the server once.
What happened?
When trying to install Chirpstack Gateway Bridge on our debian linux server following this guide https://www.chirpstack.io/gateway-bridge/install/debian/, installation failed due to expired certificate.
What did you expect?
Expected installation to work. I installed the Gateway Bridge last time Jan 2021 to a similar Debian server, it did work back then.
Steps to reproduce this issue
Steps:
Could you share your log output?
Your Environment
Linux Chirp2 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64