Bug 35611

Summary: Add UCS Root CA as a trusted certificate
Product: UCS Reporter: Janis Meybohm <meybohm>
Component: SSLAssignee: Bugzilla Mailingliste <bugzilla>
Status: RESOLVED DUPLICATE QA Contact:
Severity: enhancement    
Priority: P5 CC: best, gohmann
Version: UCS 3.2   
Target Milestone: UCS 3.2-x   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Bug Depends on:    
Bug Blocks: 35677    

Description Janis Meybohm univentionstaff 2014-08-14 12:51:48 CEST 
Ticket#: 2014081321000306

Maybe we should add the generated UCS Root CA to the list of trusted certificates on every UCS system, like:

univention-install ca-certificates
ln -s /etc/univention/ssl/ucsCA/CAcert.pem /usr/local/share/ca-certificates/ucs-root.crt
update-ca-certificates

That would also "AUTOFIX" bug34294


At the moment it looks a bit strange that you get "certificate verification ... untrusted issuer" errors if you configure a system with UCS generated certificate as smtp relay.
Comment 1 Florian Best univentionstaff 2015-11-26 12:25:55 CET 
Same as Bug #39179. The TM of that bug is better, so closing this bug as duplicate :)
@Jan Christoph: Please move your votes to the other Bug ;-)

*** This bug has been marked as a duplicate of bug 39179 ***