Issue
Description
I am currently learning related knowledge in my study. When I use Debian operating system on my Raspberry PI, I find that the system time is not synchronized with the real time.
Errors
- The error message is as follows.
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses not yet valid certificate. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Reading package lists... Done
W: Failed to fetch https://mirrors.tuna.tsinghua.edu.cn/debian/dists/buster/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses not yet valid certificate. Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
NTP has been configured (maybe I didn't? But I have carefully configured it according to the documentation, if possible, you can briefly describe the configuration process.) after many times, I still can't figure out the problem.
ntp.conf files
- My
ntp.confas follows:
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Leap seconds definition provided by tzdata
leapfile /usr/share/zoneinfo/leap-seconds.list
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
server ntp.aliyun.com iburst minpoll 4 maxpoll 10
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict source notrap nomodify noquery
restrict ntp.aliyun.com nomodify notrap nopeer noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
root@rpi4-20210823:~#
- somethings about my ntp
root@rpi4-20210823:~# date
Wed Jul 14 03:05:09 CST 2021
root@rpi4-20210823:~# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
0.debian.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
1.debian.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
2.debian.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
3.debian.pool.n .POOL. 16 p - 64 0 0.000 0.000 0.000
203.107.6.88 .INIT. 16 u - 1024 0 0.000 0.000 0.000
- My OS as follows
root@rpi4-20210823:~# cat /etc/issue
Debian GNU/Linux 11 \n \l
root@rpi4-20210823:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@rpi4-20210823:~# hostnamectl
Static hostname: rpi4-20210823
Icon name: computer
Operating System: Debian GNU/Linux 11 (bullseye)
Kernel: Linux 5.10.0-8-arm64
Architecture: arm64
I really want to know how to solve this problem, Thanks very much:) If you have any questions, please leave a message and communicate with us.
Solution
The error message you posted seems to be unrelated to your issue, as it looks like an apt-get error. Where have you extracted it from?
That being said, are you able to manually sync time with ntpdate? You can try doing something like this:
# apt install ntpdate
# ntpdate -v ntp.on.br
This will show clearly if you have some network problem/restriction preventing you to reach your NTP servers.
Answered By - Emerson Gomes Answer Checked By - David Marino (WPSolving Volunteer)