[colug-432] Ubuntu VPS Updating and/or SSL CA Update
Mark Aufdencamp
mark at aufdencamp.com
Sun Feb 5 15:41:21 EST 2012
Super Super Bowl Sunday to everyone!
I've a slight problem with an Ubuntu 9.10 Server in the cloud. I missed
the dist-update period and can no longer update from the command line.
It's sitting at Rackspace, so I can't really stick a CD in to perform an
upgrade. Anyone else run into this issue? Solutions on updating the OS
without having to rebuild a VPS?
It's an issue this weekend as I need to update the Verisign CA certs.
I've been working on some OAuth features in a Rails application and
apparently Twitter has had to change their "api.twitter.com" SSL cert
from Verisign, after Verisign was compromised last year. BTW, Nice
disclosure to the general public via an SEC filing!
(http://www.pcworld.com/businesscenter/article/249242/verisign_hacked_what_we_dont_know_might_hurt_us.html)
Thus when my Rails app makes an HTTPS request to api.twitter.com, it
throws an exception:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed)
I definitely don't want to turn off SSL verification in the Ruby
Net::HTTP classes SSL configuration. (http.verify_mode =
OpenSSL::SSL::VERIFY_NONE) I've found the updated Certs from Verisign
(http://www.verisign.com/support/roots.html).
Any advice on deploying these new Certs to /etc/ssl/certs ?
Thanks to all in advance!
Mark Aufdencamp
Mark at Aufdencamp.com
More information about the colug-432
mailing list