I have an Ubuntu 14.04.5 LTS installation. It just recently became unable to verify modern Let's Encrypt certificates. The current version of ca-certificates
is 20160104ubuntu0.14.04.1
. apt search ca-certificates
tells me that the package is upgradeable to 20170717~14.04.2
from trusty-updates
, but I think that's probably not modern enough.
I see ca-certificates
version 20210119~18.04.2
in bionic-updates
. Is it possible to install this without disrupting the system? Is there a better way? Thanks.
Best Answer
You can install the latest stable certs from source (you'll need a working
wget
andunxz
or at least a way of copying the uncompressed .tar file or its contents onto your target server (perhaps justscp -r
once you've extracted it locally):