[Eisfair] [E1] certs: update revocation-list Fehlermeldung

Rolf Bensch azubi at bensch-net.de
Sa Nov 23 12:59:04 CET 2019 

Hallo Marcus,

Am 23.11.19 um 11:29 schrieb Marcus Roeckrath:
> Hallo Rolf,
> 
> Rolf Bensch wrote:
> 
>>>> - job '2660' (2019-11-24 18:07) already exists.
>>>> - downloading 'http://ocsp.comodoca.com/!serverdomain.org.pem' ...
>>>> - updating CRL list ...
>>>> - downloading 'http://ocsp.comodoca.com/!serverdomain.org-1.pem' ...
>>>> - updating CRL list ...
>>>> - job '2669' (2019-11-27 19:17) already exists.
>>>> - downloading 'http://ocsp.comodoca.com/!serverdomain.org-2.pem' ...
>>>> - updating CRL list ...
>>>> - job '2670' (2019-11-27 19:20) already exists.
>>>
>>> Du hattest die serverdomain.org-Dubletten wirklich gelöscht?
>>>
>> ja. gerade nochmals gecheckt:
>>
>> ibs-server # cd /usr/local/ssl/certs/
>> ibs-server # ls -l *comodo*
> 
> ls -l /usr/local/ssl/certs

ibs-server # ls -l /usr/local/ssl/certs
total 1592
lrwxrwxrwx 1 root root      49 Nov 23 11:13 01017373.0 -> 
comodo_rsa_domain_validation_secure_server_ca.pem
lrwxrwxrwx 1 root root      20 Nov 23 11:13 11851c4d.0 -> 
serverdomain.org.pem
lrwxrwxrwx 1 root root      18 Nov 23 11:13 12d55845.0 -> DST_Root_CA_X3.pem
lrwxrwxrwx 1 root root      26 Nov 23 11:13 157753a5.0 -> 
AddTrust_External_Root.pem
lrwxrwxrwx 1 root root      32 Nov 23 11:13 1e1eab7c.0 -> 
T-TeleSec_GlobalRoot_Class_3.pem
lrwxrwxrwx 1 root root      18 Nov 23 11:13 2e5ac55d.0 -> DST_Root_CA_X3.pem
lrwxrwxrwx 1 root root      59 Nov 23 11:14 2e5ac55d.r0 -> 
/var/certs/ssl/crl/crl.identrust.com-DSTROOTCAX3CRL.crl.pem
lrwxrwxrwx 1 root root      20 Nov 23 11:13 31fa623a.0 -> 
serverdomain.org.pem
lrwxrwxrwx 1 root root      53 Nov 23 11:13 33113644.0 -> 
telesec_serverpass_extended_validation_class_3_ca.pem
lrwxrwxrwx 1 root root      27 Nov 23 11:13 3513523f.0 -> 
DigiCert_Global_Root_CA.pem
lrwxrwxrwx 1 root root      27 Nov 23 11:13 399e7759.0 -> 
DigiCert_Global_Root_CA.pem
lrwxrwxrwx 1 root root      26 Nov 23 11:13 3c58f906.0 -> 
AddTrust_External_Root.pem
lrwxrwxrwx 1 root root       9 Nov 23 11:13 4348a456.0 -> imapd.pem
lrwxrwxrwx 1 root root      29 Nov 23 11:13 4a0a35c0.0 -> 
lets_encrypt_authority_x3.pem
lrwxrwxrwx 1 root root      29 Nov 23 11:13 4f06f81d.0 -> 
lets_encrypt_authority_x3.pem
lrwxrwxrwx 1 root root      32 Nov 23 11:13 5443e9e3.0 -> 
T-TeleSec_GlobalRoot_Class_3.pem
lrwxrwxrwx 1 root root      21 Nov 23 11:13 7e030718.0 -> 
vb.myfirewall.org.pem
lrwxrwxrwx 1 root root      53 Nov 23 11:13 8a9e97d8.0 -> 
telesec_serverpass_extended_validation_class_3_ca.pem
lrwxrwxrwx 1 root root      49 Nov 23 11:13 8d28ae65.0 -> 
comodo_rsa_domain_validation_secure_server_ca.pem
lrwxrwxrwx 1 root root       9 Nov 23 11:13 94741e4f.0 -> imapd.pem
-rw-r--r-- 1 root root    1517 Nov 19 10:40 AddTrust_External_Root.pem
-rw-r--r-- 1 root root    1197 Nov 19 10:40 DST_Root_CA_X3.pem
-rw-r--r-- 1 root root    1335 Nov 19 10:40 DigiCert_Global_Root_CA.pem
-rw-r--r-- 1 root root    1363 Nov 19 10:40 T-TeleSec_GlobalRoot_Class_3.pem
lrwxrwxrwx 1 root root      42 Nov 19 18:49 apache.pem -> 
/usr/local/ssl/certs/groener.spdns.org.pem
-rw-r--r-- 1 root root  221363 Nov 19 10:36 ca-bundle.crt
-rw-r--r-- 1 root root 1244047 Nov 19 10:36 certdata.txt
-rw-r--r-- 1 root root    6693 Nov 22 22:00 
comodo_rsa_certification_authority.pem
-rw-r--r-- 1 root root    6958 Nov 22 22:00 
comodo_rsa_domain_validation_secure_server_ca.pem
lrwxrwxrwx 1 root root      38 Nov 23 11:13 d4c339cb.0 -> 
comodo_rsa_certification_authority.pem
lrwxrwxrwx 1 root root      38 Nov 23 11:13 d6325660.0 -> 
comodo_rsa_certification_authority.pem
lrwxrwxrwx 1 root root      16 Nov 23 11:13 d874891e.0 -> mail.gmx.net.pem
lrwxrwxrwx 1 root root      21 Nov 23 11:13 e520aa13.0 -> 
vb.myfirewall.org.pem
lrwxrwxrwx 1 root root      42 Nov 19 18:49 exim.pem -> 
/usr/local/ssl/certs/groener.spdns.org.pem
lrwxrwxrwx 1 root root      16 Nov 23 11:13 ff1012a2.0 -> mail.gmx.net.pem
-rw-r--r-- 1 root root    3601 Nov  9 10:48 gmx_de.pem
-rw-r--r-- 1 root root    5662 Nov 19 18:49 groener.spdns.org.pem
-rw-r--r-- 1 root root    2082 Nov  9 10:03 imap.gmx.net.pem
lrwxrwxrwx 1 root root      42 Nov 19 18:49 imapd.pem -> 
/usr/local/ssl/certs/groener.spdns.org.pem
lrwxrwxrwx 1 root root      42 Nov 19 18:49 ipop3d.pem -> 
/usr/local/ssl/certs/groener.spdns.org.pem
-rw-r--r-- 1 root root    5374 Nov 22 22:00 lets_encrypt_authority_x3.pem
-rw-r--r-- 1 root root   12936 Nov 19 18:50 mail.gmx.net.pem
lrwxrwxrwx 1 root root      42 Nov 19 18:49 mini_httpd.pem -> 
/usr/local/ssl/certs/groener.spdns.org.pem
drwxr-xr-x 2 root root   53248 Nov 22 22:00 old
-rw-r--r-- 1 root root    8776 Nov 22 22:00 serverdomain.org.pem
-rw-r--r-- 1 root root    6064 Nov 19 18:50 
telesec_serverpass_extended_validation_class_3_ca.pem
-rw-r--r-- 1 root root    7215 Nov 22 22:00 vb.myfirewall.org.pem

> ...
> 
> Du musst noch Dubletten daruf haben, denn die -number Anhänge kommen von der
> Skripten des Certspaketes, wenn man den replace-Schalter nicht benutzt.
> 

Links erzeugen vielleicht Dubletten, aber niocht für *comodo*[1|2|3].pem 
- oder übersehe ich da etwas?

Grüße Rolf

Mehr Informationen über die Mailingliste Eisfair