help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: curl server certificate verification failed for a few sites


From: Tobias Geerinckx-Rice
Subject: Re: curl server certificate verification failed for a few sites
Date: Thu, 04 Jun 2020 18:43:10 +0200

Giovanni Biscuolo 写道:
Jack Hill <jackhill@jackhill.us> writes:
The error wget gives is a little bit better,

FWIW, I use this (extremely verbose) command to debug/check my own servers:

$ openssl s_client -showcerts -servername voices.transparency.org \
   -connect voices.transparency.org:443

Therefore, I think the fix is for voices.transparency.org to update the certificate chain/bundle that they are sending.

They're also sending intermediate certificates that they shouldn't be sending in the first place[0] which doesn't help matters. I agree that this looks like an outdated server (mis)configuration.

Yes. All modern clients and operating systems have the newer, modern
COMODO and USERTrust roots which don’t expire until 2038.

Right, but ‘modern’ there means ~2015.

Kind regards,

T G-R

[0]: https://www.ssllabs.com/ssltest/analyze.html?d=voices.transparency.org&s=52.4.38.70&hideResults=on

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]