SSL CA cert issue
Tim Darby
t+dfbsd at timdarby.net
Sun Apr 30 11:07:52 PDT 2017
fetch works.
Tim
On Sun, Apr 30, 2017 at 11:01 AM, Antonio Huete Jiménez <
tuxillo at quantumachine.net> wrote:
> Hi,
>
> What about system utilities like fetch(1)?
> Do they show the same behaviour?
>
> Regards,
> Antonio Huete
>
> Tim Darby <t+dfbsd at timdarby.net> escribió:
>
>
> Actually, that's what I normally do, but I'm running a builder program that
>> needs to do a git clone with https. BTW, curl has the same issue:
>>
>> % curl https://www.github.com
>> curl: (60) SSL certificate problem: unable to get local issuer certificate
>> More details here: https://curl.haxx.se/docs/sslcerts.html
>>
>> curl performs SSL certificate verification by default, using a "bundle"
>> of Certificate Authority (CA) public keys (CA certs). If the default
>> bundle file isn't adequate, you can specify an alternate file
>> using the --cacert option.
>> If this HTTPS server uses a certificate signed by a CA represented in
>> the bundle, the certificate verification probably failed due to a
>> problem with the certificate (it might be expired, or the name might
>> not match the domain name in the URL).
>> If you'd like to turn off curl's verification of the certificate, use
>> the -k (or --insecure) option.
>>
>> Tim
>>
>> On Sun, Apr 30, 2017 at 10:16 AM, Zachary Crownover <
>> zachary.crownover at gmail.com> wrote:
>>
>> Easiest fix is to just use SSH for your git connections. change https:///
>>> github.com/DragonFlyBSD/DragonFlyBSD.git to git at github.com:
>>> DragonFlyBSD/DragonFlyBSD.git
>>> and you won't have that issue.
>>>
>>> On Sun, Apr 30, 2017 at 10:13 AM, PeerCorps Trust Fund <
>>> ipc at peercorpstrust.org> wrote:
>>>
>>> Same issue here. Running on 4.9-DEVELOPMENT DragonFly
>>>> v4.9.0.223.g4f0ea-DEVELOPMENT. Also after a pkg upgrade.
>>>>
>>>> Michael
>>>>
>>>>
>>>> On 04/30/2017 05:28 PM, Tim Darby wrote:
>>>>
>>>> I did a pkg upgrade at the same time, so I wonder if libressl is to
>>>>> blame.
>>>>>
>>>>> Tim
>>>>>
>>>>> On Sun, Apr 30, 2017 at 7:16 AM, Tim Darby <t+dfbsd at timdarby.net>
>>>>> wrote:
>>>>>
>>>>> I just updated to the latest master and noticed this:
>>>>>
>>>>>>
>>>>>> % git clone https://github.com/DragonFlyBSD/DragonFlyBSD.git
>>>>>> Cloning into 'DragonFlyBSD'...
>>>>>> fatal: unable to access 'https://github.com/DragonFlyB
>>>>>> SD/DragonFlyBSD.git/':
>>>>>> SSL certificate problem: unable to get local issuer certificate
>>>>>>
>>>>>> I've never had to tell git where to find its CA certs:
>>>>>>
>>>>>> % git config --global http.sslCAinfo /etc/ssl/certs/cert.pem
>>>>>> % git clone https://github.com/DragonFlyBSD/DragonFlyBSD.git
>>>>>> Cloning into 'DragonFlyBSD'...
>>>>>> remote: Counting objects: 508865, done.
>>>>>> remote: Compressing objects: 100% (52/52), done.
>>>>>>
>>>>>> Tim
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>
>>> --
>>> Sincerely,
>>>
>>> Zachary Crownover
>>>
>>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20170430/cd0c3dbd/attachment-0003.html>
More information about the Users
mailing list