When loading older images and attempting to update them via apt / apt-update, they may fail to pull any and all information due to SSL / certificate issues.
Running apt update -o Acquire::https::Verify-Peer=false may "just work".
This effectively disables all the good stuff associated with security / https / ssl / life.
Another option which may or may not work depending on how outdated the certificates are:
- Edit
/etc/ca-certificates.conf - Add a bang (
!) as a prefix / at the start of the line containingmozilla/DST_Root_CA_X3.crt - Save / Exit
- Run
update-ca-certificates -fwith-f-meaningFresh updates. Remove symlinks in /etc/ssl/certs directory. - Double-check to make sure the
/etc/ca-certificates.conffile was updated and that your bang (!) was removed (hint: remove it if it's still there)