Date: Sun, 4 Sep 2022 18:42:24 +0200 From: Axel Rau <Axel.Rau@Chaos1.DE> To: FreeBSD-security@FreeBSD.org Subject: pkg 1.18.4 refuses local CAcert on 13.1-RELEASE-p2 Message-ID: <C5DE50D8-F4D7-4346-8E54-8C0E97B2CDD5@Chaos1.DE>
next in thread | raw e-mail | index | archive | help
While accessing my local poudriere repo I=E2=80=99m getting - - - Bootstrapping pkg from https://some_fqdn/131amd64-default, please wait... Certificate verification failed for some_internal_CA 34391269376:error:1416F086:SSL \ routines:tls_process_server_certificate:certificate \ verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1921: - - - but openssl verify shows successful verification: - - - # openssl s_client -connect some_fqdn:443 -6 -verify_return_error | grep = verify depth=3D1 some_internal_CA verify return:1 depth=3D0 CN =3D some_fqdn verify return:1 - - - some_fqdn is defined in /etc/hosts only. related repo.conf has: - - - some-repo: { url: "https://some_fqdn/131amd64-default" , mirror_type: "HTTP", enabled: yes, IP_VERSION =3D 6, signature_type: "pubkey", pubkey: /usr/local/etc/ssl/certs/repo.cert priority: 5 } - - - Any help appreciated, Axel =2D-- PGP-Key: CDE74120 =E2=98=80 computing @ chaos claudius
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C5DE50D8-F4D7-4346-8E54-8C0E97B2CDD5>