When running kaisen-update I am getting the following error:
Err:3 https://dl.google.com/linux/chrome/deb stable InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: x.x.x.x 443]
Strangely, I do not have chrome installed!? (I may have had it installed in the past).
But I don’t understand your problem. In Kaisen, all repositories can be found in the /etc/apt directory, respectively in the /etc/apt/sources.list or in the /etc/apt/sources.list.d/???.list
That is what I thought. But there are definitely no references to google-chrome there.
I do not have flatpak or snap installed either.
I didn’t add the chrome repository by default.
I tried an apt update straight after a kaisen-update and guess what: I again got the “certificate verification failed” message!
So the issue must be with apt, but I have no idea where apt would look outside of /etc/apt to get a directory address?
Anyway, thanks for trying to help. The issue seems to be with apt itself now and NOT with kaisen.
So you can close this issue.
If I find the solution/cause, I will post back here, otherwise I may go to a hardened version of Debian when Bookworm is release (in about a month time I think) for a while. I do tend to become paranoid when there is something happening I do not understand. I try to operate in an extremely secure environment. As a matter of fact it is my perimeter router with snort that detected the attempt to connect to the google-chrome repo.