在win10下拿docker desktop当半个Linux虚拟机用,换apt源的时候遇到了错误
TLDR:换源之前先用原版的源凑合install个ca-certificates

过程:

很正常地pull了一个Ubuntu镜像,run了一个容器;
cat /etc/*release查看到Ubuntu版本是20.04 LTS,找到清华源里对应版本的源;
直接复制了内容然后echo '复制的内容' > /etc/apt/sources.list
然后开开心心地准备apt update,结果出现了一堆错误:

root@5a22dd190936:/# apt update
Ign:1 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal InRelease
Ign:2 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates InRelease
Ign:3 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-backports InRelease
Ign:4 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-security InRelease
Err:5 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Err:6 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Err:7 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-backports Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Err:8 https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-security Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Reading package lists... Done
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal/InRelease: No system certificates available. Try installing ca-certificates.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-updates/InRelease: No system certificates available. Try installing ca-certificates.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-backports/InRelease: No system certificates available. Try installing ca-certificates.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-security/InRelease: No system certificates available. Try installing ca-certificates.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-updates/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-backports/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: https://mirrors.tuna.tsinghua.edu.cn/ubuntu/dists/focal-security/Release: No system certificates available. Try installing ca-certificates.
E: The repository 'https://mirrors.tuna.tsinghua.edu.cn/ubuntu focal-security Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

错误的解决方法:

(可能对其他的类似情况有用?但总之我最后解决问题的操作不是这些)

方法1:apt-key add ros.asc(看起来很靠谱?但是原帖有个小坑)

来源:Netceor的csdn文章

首先记得备份一个能用的源(比如说你想换掉的很慢但是能用的原版源),以及在替换掉sources.list的内容前想办法先装一个gnupg/gunpg1/gnupg2

去找一个叫ros.asc的文件,其内容可以在需要科学的链接不需要科学的链接里找到;
找个用得惯的环境把上述网页的所有内容(包括BEGIN,Comment,Version,一堆“乱码”,一直到END)复制到txt里,然后整个文件名包括后缀名改成ros.asc
把这个ros.asc找个办法塞到你的虚拟机/容器/生产服务器上,对着它使用apt-key add ros.asc
然后(如果你没有听话地装上gnupg的话)你会惊喜地发现:

root@5a22dd190936:~# apt-key add ros.asc
E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation

如果你又没有备份sources.list或者原来的源根本就不能用的话,就变成的经典的死循环:apt坏了,啥都安装不了 => 换源需要安装密钥 => 密钥需要安装gnupg => 安装gnupg需要apt (老人指人.jpg)
总之如果gunpg已经装好了的话,那apt-key add ros.asc会返回一个OK
理论上原帖讲到这一步已经完事了,但这个办法对我来说没啥用,可能密钥也分版本和源吧。总之pass

方法2:检查对应的版本有没有选对(废话)

怎么可能选错!我对了好几遍!pass

正经的解决办法:

其实报错信息里有讲Try installing ca-certificates.…………
(有一说一我看了半天一直以为这句话讲的是错误方法1里的内容)
直接在替换sources.list前安装一个名字就叫ca-certificates的东西,即apt install ca-certificates,之后再正常覆盖sources.list即可。