still get
Current version is 17.0.1.
[Exception]
Could not do request to updater server: error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
update
when try
# openssl s_client -connect updates.nextcloud.com:443 -CApath /etc/ssl/certs/ca-certificates.crt
get
CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
---
Certificate chain
0 s:/CN=docs.nextcloud.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgISA5OPnnpcLDsFLuN0VDucQKEZMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDkwMzAwMzFaFw0y
MDAzMDgwMzAwMzFaMB0xGzAZBgNVBAMTEmRvY3MubmV4dGNsb3VkLmNvbTCCAiIw
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALHwDwFFXiMJwvx4nnZJNH4jh5th
Fl/Yk/PqrLnRp2BB97Nm+GFNlHm9pKbttLjzX99j+Jbhz02r07Hm3jTgx4BpBuV+
3SL2o5PF5tjVJUEq0qvlkzWijms7Iv6xPrmq/Puzx7Bk0J4neAF09k8l1tvCSh03
Ulkq/WMefmBigKgpmDIJi7OXUHghTRBcEQ1ykivKL6/dEKdb0xNAZlgdeUp2Ztnk
U0xSwrLjZy1Plm4m+iWPcoQLWMZwlpJUwibdqqShg2LjeUykwk8n7I7XndfFnAF+
HIDlEbznKaoviVDa+WjFAzQThAVMSgH6A5YZG/t4hpdc8FJxA70qI5stNzaEOKGQ
hRltxfstSSHZfUgUSFimIepqnyvQmAVEa5ImVJNji3tIwS1aEbvcR3OAtt5oiP0c
YrZ0vW0FkXGAAScmsf849cs4cdqGjEMREyajJ3N8iQFaax+NQI30P7Mwl89HiuiA
TM6P1tH0GOYOuePt3jCzNPdDCa51aU6B9ehKRmVymGovmzqGffLdq8FrXD4bWBFM
L/NG7Km1LirvNbZM8Yd83TfY7PZWljX6jcRErDzNuTtMc74Iho3uaBz+gyMhhiNV
ztEO7XIXgbSFl9a5SFO2eRicKaR+8mE9fFnn/EbTu5ioIz5Co/9XQ/Nr+FSS+HkU
ZlKqJ4KndWynR/s3AgMBAAGjggJ7MIICdzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FChNF3ovZRuCkFMiv7MPAxusW1ESMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF
Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au
aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu
aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISZG9jcy5uZXh0Y2xv
dWQuY29tMBEGCCsGAQUFBwEYBAUwAwIBBTBMBgNVHSAERTBDMAgGBmeBDAECATA3
BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
eXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2APCVpFnyANGCQBAtL5OI
jq1L/h1H45nh0DSmsKiqjrJzAAABbujQ2UQAAAQDAEcwRQIgMI6HYdvkMDfjhpJb
EY3JV6C1zDhYFP8/zPNz6jCghQICIQC15W08AJ97YHZjmAu38hqe3hH7rjq/MgXO
z4tN0iTAzgB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABbujQ
2WkAAAQDAEgwRgIhAN6PUA28oL6md517yxd3i1QMidPqffzWOB7R1TMq3XauAiEA
5kqeB3zdalMOAY9QjzH7nmHpCPNV1JGcq9l1+IzQY+QwDQYJKoZIhvcNAQELBQAD
ggEBABAMXz9nZWSQigREbrIlrDPYkussjHd6VDBqfxi0RZMEIBGOY+9SPqUOeLTG
xgbURwi2RV3NnJ/yws0tEBzEAyAjgIVFN3ZmJz8hFTbtEtF/teVt1hoEZ8SF1Bkr
imP3zX9T8NMayEwD/1kntQAdcODPqMNBpb7BzygiVxGKPvyERGLcoNbQlHhok6Vw
fbgnLfO1phxv2uUvGVfeWBbNz+2Y7GDOCnzC8kbyTobF6RGW6iqqYZRzaw5N/wBO
pCwM1Drv4NIzh68FRUeN7kJNWv4D0FobpewHP5bGUZj6g6ZMddaA3dGxPSh2dxX6
UBu7YpQVhPc91ngBebmjimRD6Fw=
-----END CERTIFICATE-----
subject=/CN=docs.nextcloud.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3742 bytes and written 269 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 701AE954B188DF79FBA00562D7F22108F18CA092206E0AC0567C463B0A63F0BA
Session-ID-ctx:
Master-Key: 3A6E5FA00CCF35ACC768EEAE4CFFEB78A22F3390A940074ED3743E60502926A9EBB0D6DCF1E081E3E6ABDCC9BC62F311
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - db 7a af 6e e1 6b 59 d6-ee 53 bd eb 61 1c 3a 20 .z.n.kY..S..a.:
0010 - c0 d6 9b 19 2d de 3f fa-43 a3 9b 1a d1 55 ed 35 ....-.?.C....U.5
0020 - 19 5a 16 1b 6e b3 a7 f7-dd 38 75 18 42 f3 25 a6 .Z..n....8u.B.%.
0030 - f2 cf e2 11 bd 17 4f ae-f7 3e 88 18 0e 26 d1 23 ......O..>...&.#
0040 - f8 70 0e 94 7e 45 40 0d-d3 a5 81 47 af ea 15 20 .p..~E@....G...
0050 - 67 3e 47 fa f4 78 29 f5-c4 2d a0 9c e0 04 b3 7e g>G..x)..-.....~
0060 - 5a 28 a8 79 17 ab 40 c8-15 6e 37 a2 2a b3 25 00 Z(.y..@..n7.*.%.
0070 - 5b 4d a9 5b fa 21 e0 5e-e2 35 18 9b 88 24 f3 66 [M.[.!.^.5...$.f
0080 - 4d 95 bd 17 c0 2c 09 58-bc 95 73 15 b6 ae 3b d3 M....,.X..s...;.
0090 - 7b 96 c7 ef e3 ed 89 e0-81 9a a9 7b 67 78 8a f5 {..........{gx..
00a0 - 16 39 5e f2 1c 7a e9 d5-d3 73 af df 48 fe 32 21 .9^..z...s..H.2!
00b0 - d1 f6 e6 80 27 e5 ff 13-cc f1 18 6a 17 9c d3 b3 ....'......j....
Start Time: 1580663557
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
Extended master secret: yes
---
closed
but with
# openssl s_client -connect updates.nextcloud.com:443 -CApath /etc/ssl/certs/
get
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = docs.nextcloud.com
verify return:1
---
Certificate chain
0 s:/CN=docs.nextcloud.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgISA5OPnnpcLDsFLuN0VDucQKEZMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDkwMzAwMzFaFw0y
MDAzMDgwMzAwMzFaMB0xGzAZBgNVBAMTEmRvY3MubmV4dGNsb3VkLmNvbTCCAiIw
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALHwDwFFXiMJwvx4nnZJNH4jh5th
Fl/Yk/PqrLnRp2BB97Nm+GFNlHm9pKbttLjzX99j+Jbhz02r07Hm3jTgx4BpBuV+
3SL2o5PF5tjVJUEq0qvlkzWijms7Iv6xPrmq/Puzx7Bk0J4neAF09k8l1tvCSh03
Ulkq/WMefmBigKgpmDIJi7OXUHghTRBcEQ1ykivKL6/dEKdb0xNAZlgdeUp2Ztnk
U0xSwrLjZy1Plm4m+iWPcoQLWMZwlpJUwibdqqShg2LjeUykwk8n7I7XndfFnAF+
HIDlEbznKaoviVDa+WjFAzQThAVMSgH6A5YZG/t4hpdc8FJxA70qI5stNzaEOKGQ
hRltxfstSSHZfUgUSFimIepqnyvQmAVEa5ImVJNji3tIwS1aEbvcR3OAtt5oiP0c
YrZ0vW0FkXGAAScmsf849cs4cdqGjEMREyajJ3N8iQFaax+NQI30P7Mwl89HiuiA
TM6P1tH0GOYOuePt3jCzNPdDCa51aU6B9ehKRmVymGovmzqGffLdq8FrXD4bWBFM
L/NG7Km1LirvNbZM8Yd83TfY7PZWljX6jcRErDzNuTtMc74Iho3uaBz+gyMhhiNV
ztEO7XIXgbSFl9a5SFO2eRicKaR+8mE9fFnn/EbTu5ioIz5Co/9XQ/Nr+FSS+HkU
ZlKqJ4KndWynR/s3AgMBAAGjggJ7MIICdzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FChNF3ovZRuCkFMiv7MPAxusW1ESMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF
Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au
aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu
aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISZG9jcy5uZXh0Y2xv
dWQuY29tMBEGCCsGAQUFBwEYBAUwAwIBBTBMBgNVHSAERTBDMAgGBmeBDAECATA3
BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
eXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2APCVpFnyANGCQBAtL5OI
jq1L/h1H45nh0DSmsKiqjrJzAAABbujQ2UQAAAQDAEcwRQIgMI6HYdvkMDfjhpJb
EY3JV6C1zDhYFP8/zPNz6jCghQICIQC15W08AJ97YHZjmAu38hqe3hH7rjq/MgXO
z4tN0iTAzgB3ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABbujQ
2WkAAAQDAEgwRgIhAN6PUA28oL6md517yxd3i1QMidPqffzWOB7R1TMq3XauAiEA
5kqeB3zdalMOAY9QjzH7nmHpCPNV1JGcq9l1+IzQY+QwDQYJKoZIhvcNAQELBQAD
ggEBABAMXz9nZWSQigREbrIlrDPYkussjHd6VDBqfxi0RZMEIBGOY+9SPqUOeLTG
xgbURwi2RV3NnJ/yws0tEBzEAyAjgIVFN3ZmJz8hFTbtEtF/teVt1hoEZ8SF1Bkr
imP3zX9T8NMayEwD/1kntQAdcODPqMNBpb7BzygiVxGKPvyERGLcoNbQlHhok6Vw
fbgnLfO1phxv2uUvGVfeWBbNz+2Y7GDOCnzC8kbyTobF6RGW6iqqYZRzaw5N/wBO
pCwM1Drv4NIzh68FRUeN7kJNWv4D0FobpewHP5bGUZj6g6ZMddaA3dGxPSh2dxX6
UBu7YpQVhPc91ngBebmjimRD6Fw=
-----END CERTIFICATE-----
subject=/CN=docs.nextcloud.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3742 bytes and written 269 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 55F2D2DB7C6D8CA431BE204227DE8753F39534EFAB8FA5260F67BD62D0DD26A8
Session-ID-ctx:
Master-Key: E67CEE06D12224DF54E9D5FC4AEE2CEB56E3A7F0CF1BBA2E8108185EF8EB84391279A3CC7D39E05DB382D409D8DF4831
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - db 7a af 6e e1 6b 59 d6-ee 53 bd eb 61 1c 3a 20 .z.n.kY..S..a.:
0010 - 47 f2 58 6f a7 cb 30 46-c7 dc bf d2 05 c8 c0 ff G.Xo..0F........
0020 - 75 b7 15 27 fb b2 27 1d-eb 57 94 85 05 ae c6 fe u..'..'..W......
0030 - 7d f6 27 71 55 f2 0c 25-38 95 f5 72 44 f9 75 ec }.'qU..%8..rD.u.
0040 - d0 84 8c 54 df 4e cb 98-b0 5a 06 95 26 dd be a1 ...T.N...Z..&...
0050 - 97 2a ee 57 5f b6 1f 65-d2 11 bb 7f b5 00 6c ca .*.W_..e......l.
0060 - ea 8d ee 8b 8d df d4 36-56 3d 2c 8d d7 77 90 9a .......6V=,..w..
0070 - c5 ec ab 36 de 74 1f 5d-e1 31 2b cf 22 ab f6 70 ...6.t.].1+."..p
0080 - c4 41 f8 b0 0f 50 9b 41-e6 da fb 9c 28 ea ae 01 .A...P.A....(...
0090 - a8 49 c1 09 fa 58 69 12-66 be 25 2f 4f 86 1f 6c .I...Xi.f.%/O..l
00a0 - 4b cc 55 cc af 60 ba 6f-a6 7f 73 a2 2b 13 c2 80 K.U..`.o..s.+...
00b0 - 15 3a 40 87 90 52 a6 28-99 b8 97 88 6b 27 58 b0 .:@..R.(....k'X.
Start Time: 1580663707
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
closed
I try to get the ca-certificate.crt from nextcloud container still get the error.
so how can get the required certificate for certs directory as it’s verified .
about apps update
check
Best Regards