That said, it is better to update the OS. If you really can't update the OS, update the browser and the ca-certificates package. expired certificates won't work, and without updates, good luck getting new ones. If no updates have been applied (and 16.04 doesn't get updates), well. It works be default in current versions of Ubuntu, as well as 16.04 with updates applied (see this page for more information on that).
The computer in question needs to trust the ISRG Root X1 certificate for a lot of things to work. Also, update the ca-certificates package. Updating the browser shouldn't be too difficult, and may solve these certificate errors, but will also be more secure. If you can, I'd try to get him to update it. If he won't update the OS, I'd guess he is using an old (and unsupported) browser version. Even more so if it hasn't been updated for months or years. Because 16.04 is EOL, his computer will be less secure (more likely to get malware) than, say, Ubuntu 20.04. Ubuntu 16.04 went EOL in April 2021, and is no longer on-topic on Ask Ubuntu. My first hunch was that he might have changed the system date and time so that certificates appear to have expired. Is there maybe some new kind of standard for SSL certificates that is slowly being rolled out now and already in use for most but not all websites, that did not exist back then and is not supported by the old Firefox on that old Ubuntu? Or what could be the reason that this suddenly happens on this old system, and how to fix it? In short: I can't get any more info than this if I am not physically there. I also can't ask him to try with Chromium (not even sure it's installed), or do anything in a terminal etc. So for example, I can't ask him to check those certificates, click on the "more info" button or whatever, so I can see what certificates are presented to him. I can't ask him complicated questions because it confuses and frustrates him to no end. 
I don't live near my father and can't access his computer. The same happens for the start page in Thunderbird. And I don't understand why these apparently are not there on his end. When I visit the same websites they all have fresh certificates.
Firefox (I don't know which version - the latest available for Ubuntu 16.04) tells him that the connection is not secure, certificates have expired. Since a few months he cannot visit half the internet anymore. I have made many attempts to make him accept a newer system, to no avail.) My father uses an old computer with Ubuntu 16.04 on it.
0 kommentar(er)
