Bug 454129
Summary: | CA certificate missing for launchpad, bzr fails | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Gene Czarcinski <gczarcinski> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | low | ||
Version: | 9 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-07-05 19:29:35 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gene Czarcinski
2008-07-05 05:29:01 UTC
I believe that I have some proof that the bzr problem with https://launchpad.net is a missing CA cert. First, I installed "curl" to have a nice command line interface. 1. run: curl --cacert /etc/pki/tls/certs/ca-bundle.crt https://www.redhat.com result: html 2. run: curl --cacert /etc/pki/tls/certs/ca-bundle.crt https://launchpad.net result: curl: (60) Peer certificate cannot be authenticated ... ----------------------------------------------------- get new cacert.pem from http://curl.haxx.se/docs/caextract.html [curl website] ----------------------------------------------------- 3. run: curl --cacert ./cacert https://www.redhat.com result: html 4. run: curl --cacert ./cacert https://launchpad.net result: html ... looking good! ----------------------------------------------------- This proves something but I am not sure what because if I copy the new cacert.pem into /etc/pki/tls/certs/ and try to use it from there, redhat works but launchpad does not. OK, one more test: copy /etc/pki/tls/certs/ca-bundle.crt to ./ [this is openssl's] run curl --cacert ./ca-bundle.crt https://launchpad.net result: html I thought I had it but this now looks like it might be a problem with curl/libcurl. I am going to open a problem with curl but will leave this one open for a while. Anything helpful will be appreciated. This is looking more and more like libcurl so I am going to close this. The real problem could still be something in openssl but it sure does not look like it. More info: https://bugzilla.redhat.com/show_bug.cgi?id=454151 |