pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/55125: "mozilla-rootcerts install" fails the second time
The following reply was made to PR pkg/55125; it has been noted by GNATS.
From: Andreas Gustafsson <gson%gson.org@localhost>
To: Benny Siegert <bsiegert%gmail.com@localhost>
Cc: gnats-bugs%netbsd.org@localhost
Subject: Re: pkg/55125: "mozilla-rootcerts install" fails the second time
Date: Mon, 30 Mar 2020 12:49:42 +0300
Benny Siegert wrote:
> What would you like the fix to be? Should it delete existing
> certificates from /etc/openssl/certs and replace them with the ones it
> is installing? Or should there be some kind of "force" option to do
> that?
I just want there to be a documented procedure that I can follow to
make "wget https://google.com/" work like it does on other operating
systems, instead of yielding
$ wget https://google.com/
--2020-03-30 12:29:19-- https://google.com/
Resolving google.com (google.com)... 2a00:1450:400f:80a::200e, 172.217.21.174
Connecting to google.com (google.com)|2a00:1450:400f:80a::200e|:443... failed: No route to host.
Connecting to google.com (google.com)|172.217.21.174|:443... connected.
ERROR: cannot verify google.com's certificate, issued by 'CN=GTS CA 1O1,O=Google Trust Services,C=US':
Unable to locally verify the issuer's authority.
To connect to google.com insecurely, use `--no-check-certificate'.
When it comes to OpenSSL, I'm just an end user, and I have no idea
whether, for example, "deleting existing certificates from
/etc/openssl/certs" is the right thing to do. I just follow the
instructions, and currently the instructions don't work.
--
Andreas Gustafsson, gson%gson.org@localhost
Home |
Main Index |
Thread Index |
Old Index