Join Log in
Score:0
Frank Aldridge avatar Ubuntu

Kindle won't connect

qa flag
Frank Aldridge

I have installed Kindle 1.16.0 on Ubuntu 20.04. After hours of tweeking I got it to open successfully but when I try to open or download my Kindle books it announces that it cannot connect to the Internet It is basically the exact same problem as reported by https://askubuntu.com/users/1192347/manoelpqueiroz. It is not helpful to state which other OS sorts out the problem. Kindle says the problem lies with Ubuntu. Does anyone perhaps know how to solve this problem? Thank you in anticipation.

267
2 + 0
Score:2
Charles avatar Ubuntu
cn flag
Charles

I can't post a "comment," but this is not an "answer" per se... it's progress toward an answer. I have found a couple other communities that have had the same problem and report that they have solved it by replacing an untrusted certificate. Details here:

https://bugs.winehq.org/show_bug.cgi?id=50471

https://forums.linuxmint.com/viewtopic.php?f=47&t=342186&uid=248652

If I were comfortable enough with certificates to talk authoritatively on the topic, I would post instructions. For now all I can do is leave this info in the hands of the more experienced.

[EDIT:] Ok, I have a procedure that works, but for all I know could leave one susceptible to security issues. It goes:

1: Verify that the file /etc/ssl/certs/b204d74a.0 is not there

2: Comment in the line mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt in the file /etc/ca-certificates.conf

3: Create a file called /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt that contains this certificate block:

-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----

4: Regenerate the certs using the command sudo update-ca-certificates

5: Verify that there's now a file called /etc/ssl/certs/b204d74a.0 which links to your new cert

This worked for me. KindleForPC version 1.15 running on wine now connects up again.

0 + 3
Frank Aldridge avatar
qa flag
Frank Aldridge
Charles, it was incredibly kind of you to post the above answer. However, can you tell me step by step how to go about doing steps 2 and 3. I am simply not sufficiently on top of Linux to know how to enter the said file and comment etc. How do I create a .crt file?
0
Reply
Charles avatar
cn flag
Charles
Frank: Sure thing! Though it's generally not good practice to copy-paste commands from the internet. 2.1: `sudo nano /etc/ca-certificates.conf` 2.2: Find the line that reads `!mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt` 2.3: Delete the `!` from that line 2.4: Save using ctrl+o and enter 3.1: `sudo nano /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt` 3.2: Copy-paste that certificate block in (note that terminally usually use ctrl+shift+v rather than just ctrl+v 3.2 ctrl+o and enter to save again
0
Reply
Frank Aldridge avatar
qa flag
Frank Aldridge
Thank you very much Charles. All fine now.
0
Reply
in flag
Lost Crotchet
@Charles I followed these exact steps on Ubuntu 18.04 but I can't see this `/etc/ssl/certs/b204d74a.0` file getting created anywhere. Also I think what you replied to Frank contradicts what you put in step 2 above. In step 2 above, it sounds you're advising to "comment out" the line? which means prefixing with a '#' right? But in the comment you seem to say "remove the '!'". Either way, I tried both and neither work.
0
Reply
in flag
Lost Crotchet
FYI I just tried with garakusai's answer and it seems to work
0
Reply
Charles avatar
cn flag
Charles
@LostCrotchet Please note that Step 2 reads "Comment IN the line", which agrees with the Step 2.3 instruction to DELETE the "!" from before that line.
0
Reply
Score:2
garakusai avatar Ubuntu
in flag
garakusai

In Ubuntu, a file not managed by apt/dpkg shouldn't use /usr/share. I faced this problem with Ubuntu 18.04 and 20.04. Both can retrieve old ca-certificates package and pick old crt.

  1. Check old ca-certificates

    $ apt-cache policy ca-certificates
ca-certificates:
  インストールされているバージョン: 20210119~20.04.1
  候補:               20210119~20.04.1
  バージョンテーブル:
     20210119build1 99
         99 http://jp.archive.ubuntu.com/ubuntu hirsute/main amd64 Packages
 *** 20210119~20.04.1 990
        990 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        990 http://archive.ubuntu.com/ubuntu focal-updates/main i386 Packages
        990 http://archive.ubuntu.com/ubuntu focal-security/main amd64 Packages
        990 http://archive.ubuntu.com/ubuntu focal-security/main i386 Packages
        100 /var/lib/dpkg/status
     20190110ubuntu1 990
        990 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
        990 http://archive.ubuntu.com/ubuntu focal/main i386 Packages

    In these candidates, version 20190110ubuntu1 has needed crt.

  2. Retrieve, extract, copy to /usr/local/share

    $ mkdir ~/tmp
$ cd ~/tmp/
$ apt-get download ca-certificates=20190110ubuntu1

    In /tmp directory

    $ ar vx ca-certificates_20190110ubuntu1_all.deb
$ tar Jxvf data.tar.xz

    In /tmp directory

    $ sudo cp usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt /usr/local/share/ca-certificates/

  3. Import old key

    $ sudo update-ca-certificates

  4. Remove working directory

    $ rm -rf ~/tmp

If using Ubuntu 18.04, specify old ca-certificate version 20180409 instead of 20190110ubuntu1.

Information (in Japanese):

0 + 0
bq flag
Auspex
Kudos for using /usr/local -- I didn't realize that was possible
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.