|
|
Thread Tools | Search this Thread |
05-22-2017, 09:19 AM | #46 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
That only adds the root certificates for cacert.org, certificate authority. You want to replace current with the entire set of current ca root certificates. *) Need not be done on the Kindle, only the end result needs to be on the Kindle. *) Do not expect the Kindle to have the Debian/Ubunta certificate installer command available. *) There is no "Amazon specific" parts. Amazon is not a root ca, so they purchase the use of an existing certificate authority's root. Just like normal people have to. = = = = = Your first step is to do as I advised you to do, download the current Debian package: https://packages.debian.org/jessie/ca-certificates (So scroll to the bottom of that page for the link. Click the list of files on the right to see what you will be getting in the package.) or https://packages.debian.org/jessie/a...cates/download (Ignore the advice in the big red box, Kindles are not that similar to Debian/Jessie.) Download to a directory, your choice of name, for this specific purpose. Now, in that same directory which now has ONLY the ca-certificates package, make a new directory, your choice of name, to hold the contents. Open the Debian package with your archive handling tool, and extract the contents to the directory which you just made for the purpose. On my machine, I just used the path: ca-cert/20170517-deb/ for the two directories - they don't have to be that name, but that name path will remind you of what to expect when you reach the end. The lowest level path directory name includes the most recent update date of the package. Now you archiver will have created the paths included in the archive. In: ca-cert/20170517-deb/usr/bin You will find a script file that installs the package on a Debian system. Use that as a guide to what needs to be translated to a set of Kindle directions, DO NOT use something you stumbled upon on the 'net as your guide. in ca-cert/20170517-deb/etc/ssl/certs - that is where the symbolic links are at in a Debian system, I expect that in a Amazon system that has not been change. But it might have, so check it (I don't have a current K4 running so that I can give you specific directions). in ca-cert/20170517-deb/usr/share/ca-certificates you will find two directories - Those have the new content you want to use to replace the existing, out-dated, content on your Kindle. They probably will not need any processing other than moving. But first find the location on the Kindle that holds things of similar filename, just to be sure. Do whatever you find necessary to make what you have, fit into the directory tree structure that the Kindle uses. For instance: in ca-cert/20170517-deb/usr/share/ca-certificates/mozilla directory (at end of file tree) has 173 current certificate authority root certificates. You don't want to rename those files, but you do have to put them on the Kindle's file system (where the old ones now are at) and put symbolic links to them (wherever the Kindle's file system has the links to the old ones currently installed). Code:
Downloads $ tree ca-cert ca-cert ├── 20170517-deb │ ├── DEBIAN │ │ ├── config │ │ ├── control │ │ ├── md5sums │ │ ├── postinst │ │ ├── postrm │ │ ├── templates │ │ └── triggers │ ├── etc │ │ ├── ca-certificates │ │ │ └── update.d │ │ └── ssl │ │ └── certs │ └── usr │ ├── sbin │ │ └── update-ca-certificates │ └── share │ ├── ca-certificates │ │ ├── mozilla │ │ │ ├── ACCVRAIZ1.crt │ │ │ ├── ACEDICOM_Root.crt │ │ │ ├── AC_Raíz_Certicámara_S.A..crt │ │ │ ├── Actalis_Authentication_Root_CA.crt │ │ │ ├── AddTrust_External_Root.crt │ │ │ ├── AddTrust_Low-Value_Services_Root.crt │ │ │ ├── AddTrust_Public_Services_Root.crt │ │ │ ├── AddTrust_Qualified_Certificates_Root.crt │ │ │ ├── AffirmTrust_Commercial.crt │ │ │ ├── AffirmTrust_Networking.crt │ │ │ ├── AffirmTrust_Premium.crt │ │ │ ├── AffirmTrust_Premium_ECC.crt │ │ │ ├── ApplicationCA_-_Japanese_Government.crt │ │ │ ├── Atos_TrustedRoot_2011.crt │ │ │ ├── Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt │ │ │ ├── Baltimore_CyberTrust_Root.crt │ │ │ ├── Buypass_Class_2_CA_1.crt │ │ │ ├── Buypass_Class_2_Root_CA.crt │ │ │ ├── Buypass_Class_3_Root_CA.crt │ │ │ ├── CA_Disig_Root_R1.crt │ │ │ ├── CA_Disig_Root_R2.crt │ │ │ ├── Camerfirma_Chambers_of_Commerce_Root.crt │ │ │ ├── Camerfirma_Global_Chambersign_Root.crt │ │ │ ├── CA_WoSign_ECC_Root.crt │ │ │ ├── Certification_Authority_of_WoSign_G2.crt │ │ │ ├── Certigna.crt │ │ │ ├── Certinomis_-_Autorité_Racine.crt │ │ │ ├── Certinomis_-_Root_CA.crt │ │ │ ├── Certplus_Class_2_Primary_CA.crt │ │ │ ├── Certplus_Root_CA_G1.crt │ │ │ ├── Certplus_Root_CA_G2.crt │ │ │ ├── certSIGN_ROOT_CA.crt │ │ │ ├── Certum_Root_CA.crt │ │ │ ├── Certum_Trusted_Network_CA_2.crt │ │ │ ├── Certum_Trusted_Network_CA.crt │ │ │ ├── CFCA_EV_ROOT.crt │ │ │ ├── Chambers_of_Commerce_Root_-_2008.crt │ │ │ ├── China_Internet_Network_Information_Center_EV_Certificates_Root.crt │ │ │ ├── CNNIC_ROOT.crt │ │ │ ├── Comodo_AAA_Services_root.crt │ │ │ ├── COMODO_Certification_Authority.crt │ │ │ ├── COMODO_ECC_Certification_Authority.crt │ │ │ ├── COMODO_RSA_Certification_Authority.crt │ │ │ ├── Comodo_Secure_Services_root.crt │ │ │ ├── Comodo_Trusted_Services_root.crt │ │ │ ├── ComSign_CA.crt │ │ │ ├── Cybertrust_Global_Root.crt │ │ │ ├── Deutsche_Telekom_Root_CA_2.crt │ │ │ ├── DigiCert_Assured_ID_Root_CA.crt │ │ │ ├── DigiCert_Assured_ID_Root_G2.crt │ │ │ ├── DigiCert_Assured_ID_Root_G3.crt │ │ │ ├── DigiCert_Global_Root_CA.crt │ │ │ ├── DigiCert_Global_Root_G2.crt │ │ │ ├── DigiCert_Global_Root_G3.crt │ │ │ ├── DigiCert_High_Assurance_EV_Root_CA.crt │ │ │ ├── DigiCert_Trusted_Root_G4.crt │ │ │ ├── DST_ACES_CA_X6.crt │ │ │ ├── DST_Root_CA_X3.crt │ │ │ ├── D-TRUST_Root_Class_3_CA_2_2009.crt │ │ │ ├── D-TRUST_Root_Class_3_CA_2_EV_2009.crt │ │ │ ├── EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt │ │ │ ├── EC-ACC.crt │ │ │ ├── EE_Certification_Centre_Root_CA.crt │ │ │ ├── Entrust.net_Premium_2048_Secure_Server_CA.crt │ │ │ ├── Entrust_Root_Certification_Authority.crt │ │ │ ├── Entrust_Root_Certification_Authority_-_EC1.crt │ │ │ ├── Entrust_Root_Certification_Authority_-_G2.crt │ │ │ ├── ePKI_Root_Certification_Authority.crt │ │ │ ├── Equifax_Secure_CA.crt │ │ │ ├── Equifax_Secure_eBusiness_CA_1.crt │ │ │ ├── Equifax_Secure_Global_eBusiness_CA.crt │ │ │ ├── E-Tugra_Certification_Authority.crt │ │ │ ├── GeoTrust_Global_CA_2.crt │ │ │ ├── GeoTrust_Global_CA.crt │ │ │ ├── GeoTrust_Primary_Certification_Authority.crt │ │ │ ├── GeoTrust_Primary_Certification_Authority_-_G2.crt │ │ │ ├── GeoTrust_Primary_Certification_Authority_-_G3.crt │ │ │ ├── GeoTrust_Universal_CA_2.crt │ │ │ ├── GeoTrust_Universal_CA.crt │ │ │ ├── Global_Chambersign_Root_-_2008.crt │ │ │ ├── GlobalSign_ECC_Root_CA_-_R4.crt │ │ │ ├── GlobalSign_ECC_Root_CA_-_R5.crt │ │ │ ├── GlobalSign_Root_CA.crt │ │ │ ├── GlobalSign_Root_CA_-_R2.crt │ │ │ ├── GlobalSign_Root_CA_-_R3.crt │ │ │ ├── Go_Daddy_Class_2_CA.crt │ │ │ ├── Go_Daddy_Root_Certificate_Authority_-_G2.crt │ │ │ ├── Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt │ │ │ ├── Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt │ │ │ ├── Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt │ │ │ ├── Hongkong_Post_Root_CA_1.crt │ │ │ ├── IdenTrust_Commercial_Root_CA_1.crt │ │ │ ├── IdenTrust_Public_Sector_Root_CA_1.crt │ │ │ ├── IGC_A.crt │ │ │ ├── ISRG_Root_X1.crt │ │ │ ├── Izenpe.com.crt │ │ │ ├── Juur-SK.crt │ │ │ ├── Microsec_e-Szigno_Root_CA_2009.crt │ │ │ ├── Microsec_e-Szigno_Root_CA.crt │ │ │ ├── NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt │ │ │ ├── Network_Solutions_Certificate_Authority.crt │ │ │ ├── OISTE_WISeKey_Global_Root_GA_CA.crt │ │ │ ├── OISTE_WISeKey_Global_Root_GB_CA.crt │ │ │ ├── OpenTrust_Root_CA_G1.crt │ │ │ ├── OpenTrust_Root_CA_G2.crt │ │ │ ├── OpenTrust_Root_CA_G3.crt │ │ │ ├── PSCProcert.crt │ │ │ ├── QuoVadis_Root_CA_1_G3.crt │ │ │ ├── QuoVadis_Root_CA_2.crt │ │ │ ├── QuoVadis_Root_CA_2_G3.crt │ │ │ ├── QuoVadis_Root_CA_3.crt │ │ │ ├── QuoVadis_Root_CA_3_G3.crt │ │ │ ├── QuoVadis_Root_CA.crt │ │ │ ├── Root_CA_Generalitat_Valenciana.crt │ │ │ ├── RSA_Security_2048_v3.crt │ │ │ ├── Secure_Global_CA.crt │ │ │ ├── SecureSign_RootCA11.crt │ │ │ ├── SecureTrust_CA.crt │ │ │ ├── Security_Communication_EV_RootCA1.crt │ │ │ ├── Security_Communication_RootCA2.crt │ │ │ ├── Security_Communication_Root_CA.crt │ │ │ ├── Sonera_Class_2_Root_CA.crt │ │ │ ├── Staat_der_Nederlanden_EV_Root_CA.crt │ │ │ ├── Staat_der_Nederlanden_Root_CA_-_G2.crt │ │ │ ├── Staat_der_Nederlanden_Root_CA_-_G3.crt │ │ │ ├── Starfield_Class_2_CA.crt │ │ │ ├── Starfield_Root_Certificate_Authority_-_G2.crt │ │ │ ├── Starfield_Services_Root_Certificate_Authority_-_G2.crt │ │ │ ├── StartCom_Certification_Authority_2.crt │ │ │ ├── StartCom_Certification_Authority.crt │ │ │ ├── StartCom_Certification_Authority_G2.crt │ │ │ ├── S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt │ │ │ ├── S-TRUST_Universal_Root_CA.crt │ │ │ ├── Swisscom_Root_CA_1.crt │ │ │ ├── Swisscom_Root_CA_2.crt │ │ │ ├── Swisscom_Root_EV_CA_2.crt │ │ │ ├── SwissSign_Gold_CA_-_G2.crt │ │ │ ├── SwissSign_Platinum_CA_-_G2.crt │ │ │ ├── SwissSign_Silver_CA_-_G2.crt │ │ │ ├── SZAFIR_ROOT_CA2.crt │ │ │ ├── Taiwan_GRCA.crt │ │ │ ├── TC_TrustCenter_Class_3_CA_II.crt │ │ │ ├── TeliaSonera_Root_CA_v1.crt │ │ │ ├── thawte_Primary_Root_CA.crt │ │ │ ├── thawte_Primary_Root_CA_-_G2.crt │ │ │ ├── thawte_Primary_Root_CA_-_G3.crt │ │ │ ├── Trustis_FPS_Root_CA.crt │ │ │ ├── T-TeleSec_GlobalRoot_Class_2.crt │ │ │ ├── T-TeleSec_GlobalRoot_Class_3.crt │ │ │ ├── TÜBİTAK_UEKAE_Kök_Sertifika_Hizmet_Sağlayıcısı_-_Sürüm_3.crt │ │ │ ├── TURKTRUST_Certificate_Services_Provider_Root_2007.crt │ │ │ ├── TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H5.crt │ │ │ ├── TÜRKTRUST_Elektronik_Sertifika_Hizmet_Sağlayıcısı_H6.crt │ │ │ ├── TWCA_Global_Root_CA.crt │ │ │ ├── TWCA_Root_Certification_Authority.crt │ │ │ ├── USERTrust_ECC_Certification_Authority.crt │ │ │ ├── USERTrust_RSA_Certification_Authority.crt │ │ │ ├── UTN_USERFirst_Email_Root_CA.crt │ │ │ ├── UTN_USERFirst_Hardware_Root_CA.crt │ │ │ ├── Verisign_Class_1_Public_Primary_Certification_Authority.crt │ │ │ ├── Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt │ │ │ ├── Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt │ │ │ ├── Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt │ │ │ ├── Verisign_Class_3_Public_Primary_Certification_Authority.crt │ │ │ ├── Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt │ │ │ ├── VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt │ │ │ ├── VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt │ │ │ ├── VeriSign_Universal_Root_Certification_Authority.crt │ │ │ ├── Visa_eCommerce_Root.crt │ │ │ ├── WellsSecure_Public_Root_Certificate_Authority.crt │ │ │ ├── WoSign_China.crt │ │ │ ├── WoSign.crt │ │ │ └── XRamp_Global_CA_Root.crt │ │ └── spi-inc.org │ │ └── spi-cacert-2008.crt │ ├── doc │ │ └── ca-certificates │ │ ├── changelog.gz │ │ ├── copyright │ │ ├── examples │ │ │ └── ca-certificates-local │ │ │ ├── debian │ │ │ │ ├── ca-certificates-local.triggers │ │ │ │ ├── changelog │ │ │ │ ├── compat │ │ │ │ ├── control │ │ │ │ ├── copyright │ │ │ │ ├── postrm │ │ │ │ ├── rules │ │ │ │ └── source │ │ │ │ └── format │ │ │ ├── local │ │ │ │ ├── Local_Root_CA.crt │ │ │ │ └── Makefile │ │ │ ├── Makefile │ │ │ └── README │ │ ├── NEWS.Debian.gz │ │ └── README.Debian │ └── man │ └── man8 │ └── update-ca-certificates.8.gz └── ca-certificates_20141019+deb8u3_all.deb So read them. Like I posted above, I don't have a K4 running on which to invent a set of key-stroke by key-stroke directions for you. Note: If your archive tool can't un-archive a *.deb package - They are just an ar archive that contain other archives (you will recognize them by name). |
|
05-22-2017, 01:05 PM | #47 |
Wizard
Posts: 1,059
Karma: 3000026
Join Date: Feb 2012
Location: Cape Canaveral
Device: Kindle Scribe
|
Thank you knc1! I'll try
|
05-22-2017, 02:46 PM | #48 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
You should probably check what certificate chain is being sent by the site you are having trouble with (easier from your pc than from Kindle, but this will work from Kindle also).
Then see if the required root certificate (the one not in the chain) is in the collection of root certificates. No sense in going to all of that work if it isn't going to fix the problem. Note: Sometime servers are configured to not send all intermediate certificates, which is wrong, but what can you do? (unless you are the server admin ) Ref: https://langui.sh/2009/03/14/checkin...-with-openssl/ A worked example, just substitute the domain name you are having trouble with: (If your PC does not have OpenSSL installed, discard it, it is a junk system your Kindle does have it installed.) Spoiler:
Terminate the session with a ctrl-d Note the sample above has two attempts, only the second one uses tls1 (which is what that March 2016 update added to your Kindle). You can see that Amazon is no longer accepting anything other than tls1 (see first attempt in the spoiler - which failed). |
05-30-2017, 01:28 AM | #49 |
Wizard
Posts: 1,059
Karma: 3000026
Join Date: Feb 2012
Location: Cape Canaveral
Device: Kindle Scribe
|
Dear knc1,
Thank you so much for your detailed instructions! Today I finally got my hands on this issue and updated the certificates. After a bit of investigation, here is a recap for those who would like to repeat this on their Kindle 4 Non-Touch: 1) Download a debian package from here (I used jessie, which is stable); 2) Copy all the archive's content to Kindle's root (/usr to /usr, /etc to /etc); 3) Create ca-certificates.conf in /mnt/us/ , containing only comments from this example. Make sure it has LF type of new line (for Unix), not CR LF (for Windows). Otherwise the update script cannot read it properly (yes, first time I did it wrong); 4) Update this conf: $ cd /usr/share/ca-certificates/ $ find -type f -name '*.crt' >> /mnt/us/ca-certificates.conf 5) Copy it to /etc/ folder (I removed ./ starting symbols, but I think it optional, but didn't test). Don't forget to do mntroot rw first; 6) Run (from Putty cmd): $ update-ca-certificates It should show: Updating certificates in /etc/ssl/certs... and then an update on how it did. This script created symbolic links in /etc/ssl/certs/ folder (however they have a .pem extension and L777 attribute at the same time, never seen such links before on Ubuntu, Nook or Kindle) and completely replaced ca-certificates.cert in there. Outcomes: 1) Wikipedia is doing it all smoothly, without any warnings! 2) WSJ.com is not loading, or even trying. However, even open ssl cannot connect to it from PC: Code:
> openssl s_client -showcerts -connect www.wsj.com:443 Loading 'screen' into random state - done CONNECTED(00000200) 15692:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:./ssl/s23_clnt.c:580: So I just dropped it accessing from the browser. 3) NYTimes is doing better than before. Now it loading OK until the last point, where it complains that it cannot establish a secure connection with something else, other than nytimes itself (I didn't remember the link) and suggests 'yes' to continue. Then says that Kindle cannot load the requested page, but this time it refers not to nytimes - it doesn't disappear, - but to that last bit. I checked from PC and I think it is a pop-up banner that shows up upon loading, I am 99% confident that popups are not supported in Kindle 4's browser. 4) Unencrypted websites like the-ebook.org or readrate.com just ask once whether I would like to say 'yes' like before, but that's OK! They are still readable. Finally, the certificates and security issue was resolved all the way until it reaches the boundaries of the ancient Kindle browser's bottleneck. I am very glad to see that the browser was designed wise enough (thanks lab126!) to pick up this Unix-type structure of certificates. Thank you knc1 again! That was a wonderful journey to Unix world's security country. P.S. Since I mentioned it above, hope this detail does not fall into off-topic. In order to get 'zoomed in' readable websites, we can use mobile versions of some website, for example, m.nytimes.com (I guess somebody already suggested that thing here, but sorry I don't remember) along with Readability css tweak (I believe it is tweakable since its css is available in /usr/share/browser/readability_min_utf16.css): Spoiler:
Important Update I had some problems with delivering purchased books. Tried to revert the old certificates - the delivery worked. Then I just copied the first three certificate blocks from old cert file to new one - and it worked! Last edited by mergen3107; 05-30-2017 at 07:31 AM. |
05-30-2017, 09:35 AM | #50 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
I just checked the home page of nytimes.com - - -
At the moment it has 182 external links on that page, all of them HTTPS (not 182 different sites, but 182 external links, plus 2 web-beacons) = = = = In the sample openssl command, add: -tls1 to the options you show, then it should connect and that is the protocol the update a year ago last march should have added to your K4 browser. |
02-27-2020, 03:08 PM | #51 |
Member
Posts: 19
Karma: 10
Join Date: Mar 2019
Device: kindle dxg, kindle pw3
|
hello, Wikipedia currently working in Kindle browser's on 3G?
Updated ca-certificates (2019 year), but - "Web Browser is unable to establish a secure connection to this web site" and only button "Close". Site Amazon work correct in Kindle browser (https). |
02-27-2020, 04:56 PM | #52 |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
What device?
(and what is a "Kindle p3" ?) |
02-28-2020, 05:44 AM | #53 |
Member
Posts: 19
Karma: 10
Join Date: Mar 2019
Device: kindle dxg, kindle pw3
|
kindle dxg (free 3G) update 3.4.3 (firmware kindle keyboard).
About half a year ago dxg 3.4.2 and old ca-certificate deb package worked wiki, update on 3.4.3 - stopped working and new ca-certificate not resolve problem. Now only amazon work through 3G or certificate unsuitable? "Kindle p3" -> pw3 -) |
02-28-2020, 08:55 AM | #54 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
(Some companies are dropping 3G (and 2G) with the advent of 4G&5G) Only Amazon site(s) are working? Sounds like they made changes to their proxy system. You might have to revert to 3.4.2 |
|
02-29-2020, 08:17 AM | #55 | |
Member
Posts: 19
Karma: 10
Join Date: Mar 2019
Device: kindle dxg, kindle pw3
|
Quote:
In this case, a rollback to 3.4.2 I think does not affect, thx. |
|
10-29-2022, 04:16 AM | #56 |
Junior Member
Posts: 1
Karma: 10
Join Date: Oct 2022
Device: Kindle Voyage
|
Hi there,
I have run into the same issue, where the experimental browser is complaining that it is unable to establish a secure connection. On some pages quite a lot of times. I have just finished JB in the hope I could update the root certificates, but either I have missed something, or in the case of newer devices the OS filesystem is not accessible. I have also installed the KUAL, because it looked like the extensions could be the right path. I have tried to study the "GNU Awk Installer" extension, but I got lost in the code. So, there are two options either I am blind and there is a way to access the filesystem on newer devices or there is somebody here who will not get lost and will be able to write an extension which will update the certs. Hopefully, this is just an issue of the root certs and not an issue of the TLS version. Thanks for any answer! regards PiGeon Kindle Voyage v5.13.6 with JB |
10-29-2022, 06:11 AM | #57 | |
rm -rf /
Posts: 219
Karma: 3333683
Join Date: Nov 2019
Location: United Kingdom
Device: K5, KT, KT2, KT3, KT4, KV, PW2, PW3, PW4, PW5
|
Quote:
There's 2 places where SSL certificates are stored, /etc/ssl/ca-certificates.crt and /usr/java/lib/security/cacerts. The first is a plaintext file where the certificates can just be appended and the second is a standard Java keystore which can be edited by keytool using either changeit or passwordchanged as the password (the latter in your case, I think). keytool isn't included on the actual device so you'd need to copy the file to a PC with keytool installed, make changes, then push it back to the device. |
|
11-06-2022, 04:52 AM | #58 | |
Connoisseur
Posts: 65
Karma: 100000
Join Date: Aug 2015
Device: Kindle Keyboard + Kindle Voyage WiFi + Kindle PW11 Kids
|
Quote:
|
|
11-06-2022, 11:30 AM | #59 |
Grand Sorcerer
Posts: 5,275
Karma: 98804578
Join Date: Apr 2011
Device: pb360
|
|
01-19-2024, 09:14 AM | #60 |
Enthusiast
Posts: 27
Karma: 10
Join Date: Dec 2023
Device: K3
|
I am trying to update certs for K3 and I am getting this error:
/etc/ssl/certs$ update-ca-certificates -sh: update-ca-certificates: Permission denied Using WinSCP and it looks like I am log in as a root. /etc/ssl/certs$ ls -l $(which update-ca-certificates) -rw-r--r-- 1 root root 13831 Jan 19 14:27 ca-certificates.conf Am I doing something wrong? |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Legal web site: "Please stop calling Amazon a monopoly" | fjtorres | General Discussions | 44 | 10-19-2014 05:25 AM |
Possible bug: "Aborted" rendering in Web Browser with text boxes | arspr | Kobo Reader | 0 | 09-27-2014 08:21 AM |
Is there any site that can shrink/split web pages for kindle's "basic web"? thanks | kocoman | Amazon Kindle | 1 | 03-22-2013 06:01 PM |
Barnes & Noble mulls Android SDK for Nook, says web browser "if readers want it" | sforce | News | 15 | 10-22-2009 03:25 AM |
Mobileread wins "Best Technology Web Site" award | Colin Dunstan | Announcements | 3 | 01-04-2006 10:51 AM |