help-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

curl server certificate verification failed for a few sites

From: Giovanni Biscuolo
Subject: curl server certificate verification failed for a few sites
Date: Thu, 04 Jun 2020 15:13:55 +0200 
Hello Guix,

this is my current Guix version:

--8<---------------cut here---------------start------------->8---

Generation 71   giu 03 2020 17:44:58    (current)
  guix 2f49007
    repository URL: https://git.savannah.gnu.org/git/guix.git
    branch: master
    commit: 2f49007dd076b14feb40d7c3331dee3e737265c844

--8<---------------cut here---------------end--------------->8---

I'm having a strange error with curl from Guix (on a foreign distro):

--8<---------------cut here---------------start------------->8---
giovanni@roquette: curl -I https://voices.transparency.org
curl: (60) server certificate verification failed. CAfile: 
/home/giovanni/.guix-extra-profiles/emacs/emacs/etc/ssl/certs/ca-certificates.crt
 CRLfile: none
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
--8<---------------cut here---------------end--------------->8---

I'm working in a profile with "curl" and "nss-certs" installed, I my
profile activate with:

--8<---------------cut here---------------start------------->8---
GUIX_PROFILE="/home/giovanni/.guix-extra-profiles/emacs/emacs" ; . 
"$GUIX_PROFILE"/etc/profile
--8<---------------cut here---------------end--------------->8---

and it seems to me that the env is set up correctly, especially I have:

--8<---------------cut here---------------start------------->8---
CURL_CA_BUNDLE=/home/giovanni/.guix-extra-profiles/emacs/emacs/etc/ssl/certs/ca-certificates.crt
--8<---------------cut here---------------end--------------->8---

With other sites I have no problems, e.g. with "curl https://google.com";
or "curl https://fsf.org";

I also have no problem using curl from my foreign distro, i.e.:

--8<---------------cut here---------------start------------->8---
giovanni@roquette: /usr/bin/curl -I https://voices.transparency.org
HTTP/2 200 
server: nginx
date: Thu, 04 Jun 2020 12:31:30 GMT
content-type: text/html; charset=utf-8
content-length: 331031
set-cookie: uid=lo_qSsMbQ4z5dnK; Expires=Fri, 04-Jun-21 12:31:30 GMT; Path=/; 
Secure; HttpOnly
sepia-upstream: medium
x-opentracing: 
{"ot-tracer-spanid":"390949417d4930c0","ot-tracer-traceid":"7f0fd7d0262c0c9b","ot-tracer-sampled":"true"}

[...]

x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, Chrome=1
x-powered-by: Medium
x-obvious-tid: 1591273890249:f076faaf3e63
x-obvious-info: 41228-18f1264,18f1264f828
link: <https://medium.com/humans.txt>; rel="humans"
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 09 Sep 1999 09:09:09 GMT
pragma: no-cache
set-cookie: 
sid=1:h/sJWfMuvxt6xsp9CxiSVZhE/m0Gkrnt1Aj+VWcPGV1cpLwK14Dg7Rfr4fWgzCz9ru4qnVfGEhX+mljUMOriPA==;
 path=/; expires=Fri, 04 Jun 2021 12:31:30 GMT; samesite=none; secure; httponly
set-cookie: optimizelyEndUserId=lo_qSsMbQ4z5dnK; path=/; expires=Fri, 04 Jun 
2021 12:31:30 GMT; samesite=none; secure
--8<---------------cut here---------------end--------------->8---

Am I missing something in my env, there is a problem in
https://voices.transparency.org setting or is something else?

Thanks! Gio'

-- 
Giovanni Biscuolo

Xelera IT Infrastructures

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]