Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 3 Jul 2024 10:27:03 -0700
From:      Mark Millard <marklmi@yahoo.com>
To:        Philip Paeps <philip@freebsd.org>, FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>
Cc:        Karl Denninger <karl@denninger.net>
Subject:   pkg_https:// failures related to, for example, "SSL certificate problem: certificate is not yet valid"
Message-ID:  <5667D5C0-44F7-4B40-8F63-50D5973D220D@yahoo.com>
References:  <5667D5C0-44F7-4B40-8F63-50D5973D220D.ref@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
=46rom a bugzilla comment frombeing blocked from working on
an issue (not my entry):

QUOTE ( of https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280038#c37 =
)
Well this is a problem with that image and getting enough installed to =
be able to do anything like, oh, pkgbase it forward....

root@generic:~ # uname -v
FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC freebsd
root@generic:/home # pkg install git
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from =
pkg+https://pkg.FreeBSD.org/FreeBSD:14:aarch64/quarterly, please wait...
Certificate verification failed for /CN=3Dpkg.freebsd.org
0020616CE1680000:error:0A000086:SSL =
routines:tls_post_process_server_certificate:certificate verify =
failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1890:

.....

pkg: Error fetching =
https://pkg.FreeBSD.org/FreeBSD:14:aarch64/quarterly/Latest/pkg.txz: =
Authentication error
A pre-built version of pkg could not be found for your system.
Consider changing PACKAGESITE or installing it from ports: =
'ports-mgmt/pkg'.

So it would appear that bootstrapping pkg is boned on releng/14.1 for =
the Pi at the moment. I shall have to wait until a snapshot shows up I =
can grab or this is corrected.
END QUOTE

Note the "pkg+https://".

I had separate problems yesterday that I side stepped by
testing use of just "pkg+http://", which worked. See:

https://lists.freebsd.org/archives/freebsd-pkgbase/2024-July/000416.html

pkg with -d for the https context had its debug output
reporting:

* SSL certificate problem: certificate is not yet valid

It happened to be using 204.15.11.66:443 for the https
activity.


=3D=3D=3D
Mark Millard
marklmi at yahoo.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5667D5C0-44F7-4B40-8F63-50D5973D220D>