Traceback errors with add-apt-repository on 24.04
https://askubuntu.com/questions/1563710/traceback-errors-with-add-apt-repository-on-24-04
I have found other questions about this command not working on the site but the errors emitted are not the same, at least in the several I looked at.
add-apt-repository fails when attempting to add repositories (several different ppas attempted)
The affected system is a virtual machine which started out as a clone of a physical PC. They have diverged over the years, and the physical PC does not have this problem.
$ sudo add-apt-repository ppa:ondrej/apache2
Traceback (most recent call last):
File "/usr/bin/add-apt-repository", line 452, in <module>
sys.exit(0 if addaptrepo.main() else 1)
^^^^^^^^^^^^^^^^^
File "/usr/bin/add-apt-repository", line 435, in main
shortcut = handler(source, **shortcut_params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/softwareproperties/shortcuts.py", line 40, in shortcut_handler
return handler(shortcut, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 89, in __init__
if self.lpppa.publish_debug_symbols:
^^^^^^^^^^
File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 133, in lpppa
self._lpppa = self.lpteam.getPPAByName(name=self.ppaname)
^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 120, in lpteam
self._lpteam = self.lp.people(self.teamname)
^^^^^^^
File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 111, in lp
self._lp = login_func("%s.%s" % (self.__module__, self.__class__.__name__),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/launchpadlib/launchpad.py", line 494, in login_anonymously
return cls(
^^^^
File "/usr/lib/python3/dist-packages/launchpadlib/launchpad.py", line 230, in __init__
super(Launchpad, self).__init__(
File "/usr/lib/python3/dist-packages/lazr/restfulclient/resource.py", line 511, in __init__
self._wadl = self._browser.get_wadl_application(self._root_uri)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/lazr/restfulclient/_browser.py", line 502, in get_wadl_application
response, content = self._request(url, media_type=wadl_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/lazr/restfulclient/_browser.py", line 441, in _request
response, content = self._request_and_retry(
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/lazr/restfulclient/_browser.py", line 400, in _request_and_retry
response, content = self._connection.request(
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/httplib2/__init__.py", line 1669, in request
(response, new_content) = self._request(
^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/launchpadlib/launchpad.py", line 144, in _request
response, content = super(LaunchpadOAuthAwareHttp, self)._request(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/lazr/restfulclient/_browser.py", line 204, in _request
return super(RestfulHttp, self)._request(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/httplib2/__init__.py", line 1421, in _request
(response, content) = self._conn_request(conn, request_uri, method, body, headers)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/httplib2/__init__.py", line 1343, in _conn_request
conn.connect()
File "/usr/lib/python3/dist-packages/httplib2/__init__.py", line 1135, in connect
self.sock = self._context.wrap_socket(sock, server_hostname=self.host)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/ssl.py", line 455, in wrap_socket
return self.sslsocket_class._create(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/ssl.py", line 1042, in _create
self.do_handshake()
File "/usr/lib/python3.12/ssl.py", line 1320, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:1000)
Here's the output of the command requested in a comment:
$ dig api.launchpad.net
; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> api.launchpad.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57184
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;api.launchpad.net. IN A
;; ANSWER SECTION:
api.launchpad.net. 30 IN A 185.125.189.224
api.launchpad.net. 30 IN A 185.125.189.225
;; Query time: 23 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Sat Feb 07 17:30:39 CST 2026
;; MSG SIZE rcvd: 78
From the non-working virtual machine -
$ openssl s_client api.launchpad.net:443 </dev/null
CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
verify error:num=18:self-signed certificate
verify return:1
depth=0 C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
verify return:1
---
Certificate chain
0 s:C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
i:C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Apr 15 10:13:07 2025 GMT; NotAfter: Apr 13 10:13:07 2035 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEMjCCAxqgAwIBAgIJAM/FzbGkTfMVMA0GCSqGSIb3DQEBCwUAMIGqMQswCQYD
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIU2FuIEpvc2Ux
EDAOBgNVBAoMB05ldGdlYXIxHzAdBgNVBAsMFkhvbWUgQ29uc3VtZXIgUHJvZHVj
dHMxHDAaBgNVBAMME3d3dy5yb3V0ZXJsb2dpbi5uZXQxIjAgBgkqhkiG9w0BCQEW
E3N1cHBvcnRAbmV0Z2Vhci5jb20wHhcNMjUwNDE1MTAxMzA3WhcNMzUwNDEzMTAx
MzA3WjCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNV
BAcMCFNhbiBKb3NlMRAwDgYDVQQKDAdOZXRnZWFyMR8wHQYDVQQLDBZIb21lIENv
bnN1bWVyIFByb2R1Y3RzMRwwGgYDVQQDDBN3d3cucm91dGVybG9naW4ubmV0MSIw
IAYJKoZIhvcNAQkBFhNzdXBwb3J0QG5ldGdlYXIuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAx71Bz/c7VJc8kxeYtO8LP5G4THeHcjVofY7yKZy0
CEJSytazImyMK98+aaIs1YwWe1NN+TqX7P0BO17T402YJZ7g0sjxyTQ3djkay+6U
YTzjdogWjKa5KzKsDPH/qc+IQaIB9yP2WZMvvm2A3PjhQu78oEb4UgRAaNST2oOT
JYUw79aOk33BOQ6Xlym7sK6lZjvbQKkVGD0jXJ0bLMEZIOSfJdZWSFSr8pNLPfgn
t4+ZxN7+MCu6cZCTHPz6O5uk8rfWGFcobdC2iSiWSGea1nMgjyN7svKXsjs93Y52
6/miRYiwMwHTlw3RwGbESh0DedKceJXhUJuRk4IQhbVraQIDAQABo1kwVzBVBgNV
HREETjBMghN3d3cucm91dGVybG9naW4ubmV0gg9yb3V0ZXJsb2dpbi5uZXSCD3Jv
dXRlcmxvZ2luLmNvbYITd3d3LnJvdXRlcmxvZ2luLmNvbTANBgkqhkiG9w0BAQsF
AAOCAQEAtkCxzQWESiVz012I7gB7tbCCQenXm0hcmgdV4a2iE5XPaj1l+MCbt9hO
nsxQcTrXrtq4mAIwhsP1QrUi1XcbJu8L41R6KYvDE+A+WreZ/eGgWQE524hF8Ywo
R00e/c7/DvvPV6GhYUBRWQgnlWog0/5oKFKxvFJho0rrPdULdXr+HykzohQCl32o
8u7JJrcyryYRHnPD2LJJ2zT5GtZAEyYzw1TTuqhyUjzXAcDaYWZ5WwiBxxCRoW7u
+EcmDtqTCQNXjFLQmPqgf4LfEM0bBNtXch/4h4GQ8E8m8Nnpgby70SA88pKNu7tH
7VhuqYJw9eUKZQ51NsxhA3lSTri+RA==
-----END CERTIFICATE-----
subject=C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
issuer=C = US, ST = California, L = San Jose, O = Netgear, OU = Home Consumer Products, CN = www.routerlogin.net, emailAddress = support@netgear.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1634 bytes and written 399 bytes
Verification error: self-signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 18 (self-signed certificate)
---
DONE
From the working physical machine
openssl s_client api.launchpad.net:443 </dev/null
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R13
verify return:1
depth=0 CN = launchpad.net
verify return:1
---
Certificate chain
0 s:CN = launchpad.net
i:C = US, O = Let's Encrypt, CN = R13
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Jan 19 10:14:34 2026 GMT; NotAfter: Apr 19 10:14:33 2026 GMT
1 s:C = US, O = Let's Encrypt, CN = R13
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Mar 13 00:00:00 2024 GMT; NotAfter: Mar 12 23:59:59 2027 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIG5TCCBc2gAwIBAgISBnEnfgQChfPAR5Ri22A39UKcMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTMwHhcNMjYwMTE5MTAxNDM0WhcNMjYwNDE5MTAxNDMzWjAYMRYwFAYDVQQD
Ew1sYXVuY2hwYWQubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
tnJGx/S2NpNrcYW50SNgH1/FjqQ4bmpgzKPqqa/wiWZfVYnG3Oa/lA0t0eowa6y3
FWYkyhfCbIFHBZCkRjVdEKdCs8ebujgNCiDgwCF6OfYQ+JlibzglsyCM0HHwOe3k
G/c3Gh8N4xfhyCSTolJ6+afy0tTkYHV7JClf4ctka6/vLgsC6MxgSRcxQLk3QBtG
gdDqi/t0KzuUY4I88qwDmdSrKb2wOZGemGoGSJrTDtvqbMHxTeLiotK1Tb/+mFDj
D0RIngX1c1xbTWST/hW5o7jKD0ebrqf6VX/d/u1R6H0JGQHtMbMNOQM/dJUTANEH
WCdpsDRLFYdXN7c4IkF04wIDAQABo4IEDDCCBAgwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBR0GMVX4KNGxCIYYTiYdHCuUfoEQzAfBgNVHSMEGDAWgBTnq58PLDOgU9Ne
T3jIsoQOO9aSMzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9y
MTMuaS5sZW5jci5vcmcvMIIB/QYDVR0RBIIB9DCCAfCCGmFuc3dlcnMuZWRnZS5s
YXVuY2hwYWQubmV0ghVhbnN3ZXJzLmxhdW5jaHBhZC5uZXSCEWFwaS5sYXVuY2hw
YWQubmV0ghdibHVlcHJpbnQubGF1bmNocGFkLm5ldIIdYmx1ZXByaW50cy5lZGdl
LmxhdW5jaHBhZC5uZXSCGGJsdWVwcmludHMubGF1bmNocGFkLm5ldIIXYnVncy5l
ZGdlLmxhdW5jaHBhZC5uZXSCEmJ1Z3MubGF1bmNocGFkLm5ldIIXY29kZS5lZGdl
LmxhdW5jaHBhZC5uZXSCEmNvZGUubGF1bmNocGFkLm5ldIISZWRnZS5sYXVuY2hw
YWQubmV0ghZmZWF0dXJlcy5sYXVuY2hwYWQubmV0ghhmZWVkcy5lZGdlLmxhdW5j
aHBhZC5uZXSCE2ZlZWRzLmxhdW5jaHBhZC5uZXSCDWxhdW5jaHBhZC5uZXSCF2xp
YnJhcmlhbi5sYXVuY2hwYWQubmV0ghNtZWRpYS5sYXVuY2hwYWQubmV0gh90cmFu
c2xhdGlvbnMuZWRnZS5sYXVuY2hwYWQubmV0ghp0cmFuc2xhdGlvbnMubGF1bmNo
cGFkLm5ldIIRd3d3LmxhdW5jaHBhZC5uZXSCFHhtbHJwYy5sYXVuY2hwYWQubmV0
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9y
MTMuYy5sZW5jci5vcmcvMjkuY3JsMIIBDAYKKwYBBAHWeQIEAgSB/QSB+gD4AH4A
4yON8o2iiOCq4Kzw+pDJhfC2v/XSpSewAfwcRFjEtugAAAGb1fVYCwAIAAAFAC/a
/GgEAwBHMEUCICb6hEvEfcokPwoFG9K2TPQk2NLhsSVvrODuotGHlEhyAiEAzkO+
FAlYFmBvdzwjHgGrA2NeETNShG/4JLfmqC/EFUgAdgAWgy2r8KklDw/wOqVF/8i/
yCPQh0v2BCkn+OcfMxP1+gAAAZvV9V8VAAAEAwBHMEUCIQCdTxixRqkQ7N1TW2Wn
BC8aNiF24Zb2GNhf1luInAXmawIgMaXRSlkB234sCE4rigPVxv9TDEpw1nGNLUsI
j1cef1EwDQYJKoZIhvcNAQELBQADggEBAJ916/InUIZr6sY0rq7QIOYuSxFJeUpk
m1cT/9y+MiRUehfSkLYBDL+PJBbVJldJzJS5mTWAvSiSdF/+GhH0RaP2U1ynuspl
DoLIi/F1Sa/kX+VNqsxQ8D7R/ptVuJyYQMqTe2myTMnsg/iQuoZxxEQbXDXcujwd
1Y1tefdEFm28dUh2IKHcq+0saDE5ULdLxm6ix38oc3L6E00QL/p46nX3l2yN5kXq
/oq30vtdCi+7aVOWzkb+Y1pqeV+pf2xUotOB/oM7rSIAV1651UqIoaRcfclRK0Gd
BITwLT7TQgwME4syeTgxvFW5A2c+SKf25Hj6VOIrn14b0KeOBOSIkdA=
-----END CERTIFICATE-----
subject=CN = launchpad.net
issuer=C = US, O = Let's Encrypt, CN = R13
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3623 bytes and written 399 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
DONE