当前位置:首页 > 技术心得 > 正文内容

黑群晖:certificate has expired or is not yet valid

xjtudll1个月前 (12-29)技术心得350

https://blog.csdn.net/weixin_54655073/article/details/138663733

  1. sudo -i

  2. mv /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt.bak

  3. sudo curl -Lko /etc/ssl/certs/ca-certificates.crt https://curl.se/ca/cacert.pem

  4. synoservice --restart pkgctl-Docker (重启docker,如果卡住,就重启设备)

 

https://alexnj.com/blog/updating-root-certificates-on-synology/

Updating CA root certificate bundle on Synology

I ran into the issue of my Synology NAS not being able to pull from my local Docker registry:

docker: Error response from daemon: Get "https://redacted-local-hostname.net/v2/": x509: certificate has expired or is not yet valid

Turns out my Synology hasn't been picking up the latest CA root certificates. I could verify that this is the issue by running curl

curl -I https://alexnj.com  
curl: (60) SSL certificate problem: certificate has expired  
More details here: https://curl.haxx.se/docs/sslcerts.html  
...

Fixing this turned out rather easy. The commands below download the up-to-date root certificates from curl.se, in PEM format. We move it to the place where Synology keeps the CA-certificate bundle, overwriting it. We create a backup of the origin CA-certificate bundle, with a .backup extension, just in case you'd want to revert for any reason.

cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt.backup  
wget --no-check-certificate https://curl.se/ca/cacert.pem  
mv cacert.pem /etc/ssl/certs/ca-certificates.crt

After this, the same curl command started succeeding. However, Docker was still throwing the same error — meaning it didn't pick up the updated root certificates. Solution? Let's try restarting the Synology Docker daemon:

synoservice --restart pkgctl-Docker

That took care of it. If you run into the same issue with your Synology, hope this helps!

扫描二维码推送至手机访问。

版权声明:本文由鸟的天空发布,如需转载请注明出处。

本文链接:http://xjtudll.cn/Exp/698/

标签: NAS
分享给朋友:

“黑群晖:certificate has expired or is not yet valid” 的相关文章

Altium导入网表Netlist

Altium导入网表Netlist

用Altium的时候,发现原来Protel99SE里面的通过Netlist更新到PCB的功能不见了。乍一看,似乎只能通过Update来更新PCB了,其实不然,原来通过Netlist更新PCB的功能依然存在,只是难以找到这个功能菜单而已。 在Altium里面,是show difference方式的,...

Proteus电源设置

Proteus电源设置

Proteus中,默认电源为VCC=5V,GND=0,当我们要使用其它电压值时该怎么办?例如3.3V,-5V,15V等等,没关系,有专门的菜单可以设置,跟我学:菜单: 新增加: 注意Name可以随意和Voltage值才是电压值 比如系统默认VEE=-5V ...

光耦应用笔记

1、光耦的简介及分类 光耦合器(opticalcoupler,英文缩写为OC)亦称光电隔离器或光电耦合器,简称光耦。它是以光为媒介来传输电信号的器件,通常把发光器(红外线发光二极管LED)与受光器(光敏半导体管)封装在同一管壳内。当输入端加电信号时发光器发出光线,受光器接受光线之后就产生光电流,从...

金蝶K3:api说明打开只有网页的头,没有内容

金蝶K3:api说明打开只有网页的头,没有内容

问题描述 api说明打开只有网页的头,没有内容。问题的图片如下: 问题原因 检查api日志可以看到如下内容:数据库访问异常,请联系管理员... 解决方案 打开账套管理--点击异常账套--点击左上角的属性,检查配置的身份是不是SQL server身份认证,是不是没有填写sa的密码。...

金蝶物料属性为自制,MRP计算需要产生委外类型的计划订单?

解决方案如下: 物料资料中设置该物料的默认生产类型为委外加工即可。具体操作步骤如下: 1、登录KIS旗舰版主控台,依次单击【系统设置】→【基础资料】→【公共资料】,双击【物料】; 2、进入物料资料界面,选择需要设置的物料点击【修改】,在弹出的【物料-修改】窗口中,选择【计划资料】...

K3老单插件控制字段显示

K3老单插件控制字段显示

https://www.cnblogs.com/youzhangcai1/p/10685778.html 【问题描述:】 我想在工业单据的插件中锁定单据头字段,但实现不了? 【解决方法:】 For i = 0 To m_BillTransfer.Head.count - 1 &n...

发表评论

访客

◎欢迎参与讨论,请在这里发表您的看法和观点。