![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
http://bugzilla.suse.com/show_bug.cgi?id=1133891 http://bugzilla.suse.com/show_bug.cgi?id=1133891#c3 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P2 - High Version|Leap 15.0 |Leap 15.2 Assignee|tickopa@gmail.com |matthias@mailaender.name --- Comment #3 from Ludwig Nussel <lnussel@suse.com> --- calling a program other than update-ca-certificates in %post is incorrect as it doesn't take later updates of the ca-certs into consideration. Also doing anything with the legacy /etc/ssl/ca-bundle.pem is fishy. What does this cert-sync do exactly? The very minimal fix would be to have a script in ca-certifcates that calls it. The direct call from %post needs to go. https://github.com/openSUSE/ca-certificates Moving over to 15.2 as it's still the case there too. Back to maintainer. I can implement the ca-certificates part if you want me to. The thing in %post needs to go though. -- You are receiving this mail because: You are on the CC list for the bug.