![]() ![]() So, to fix it we need to purge the damaged files, and allow the port to re-install itself to clean up. rwxr-xr-x 1 root wheel 30B Oct 3 16:06 /usr/local/openssl/cert.pem* rwxr-xr-x 1 root wheel 33B Oct 3 16:06 /usr/local/etc/ssl/cert.pem* # ls -AFGhl /etc/ssl/cert.pem /usr/local/etc/ssl/cert.pem /usr/local/openssl/cert.pem usr/local/share/licenses/ca_root_nss-3.58/catalog.mk usr/local/share/licenses/ca_root_nss-3.58/MPL20 usr/local/share/licenses/ca_root_nss-3.58/LICENSE ![]() usr/local/share/certs/ca-root-nss.crt ***** always updated as part of deployed port ********** usr/local/openssl/ ******* a sample file, only overwritten if cert.pm is missing ******** usr/local/etc/ssl/ ******* a sample file, only overwritten if cert.pm is missing ******** ![]() The following 1 package(s) will be affected (of 0 checked): ![]() Scanning /usr/local/etc/ssl/certs for certificates.Ĭhecking integrity. Let's reproduce that in fetch directly as its less noisy: We can run pkg with -ddd flags to see more info, and we see it using a different cert store. * TLSv1.3 (IN), TLS handshake, CERT verify (15):Ĭertificate verification failed for /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3ģ4370654208:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915: * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (OUT), TLS handshake, Client hello (1): * CAfile: /usr/local/share/certs/ca-root-nss.crt ******* curl uses the ca_root_nss package certs file directly ************ * successfully set certificate verify locations: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |