Question About PureOS Apt Sources

Dlonk · October 8, 2023, 12:24am

The first time that I put my Librem 5 USA (Liberty) online, the first action I did was to open Terminal app to run:

sudo apt-get update

But the first time that I ran the command, it gave a ton of errors indicating that Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 49.13.57.135 443]

Then, I ran the command a second time and it worked fine.

Is this any kind of security issue or is this expected? Was my device just slow to refresh a certificate cache?

pajuky · October 8, 2023, 12:57am

Two possibilities I can think of:

one server had out of date certificates
your phone had not yet synchronized its clock so ssl validation failed as a result

Dlonk · October 9, 2023, 4:53am

I decided that I think the problem was probably the clock not yet being synchronized like you said, so I have not bothered to investigate this issue further. Thanks!