The CA certificate for the Metasploit Framework update server has changed. This will prevent the msfupdate feature from working until the certificate is updated in the ebuild. The 2.4 packages have been updated and re-released with the new CA cert. Please refer to http://metasploit.com/projects/Framework/docs/ssl_update.txt for details. To fix this issue, just replace the current framework-2.4.tar.gz with the one available from the Downloads page at metasploit.com and update the MD5. Reproducible: Always Steps to Reproduce: 1. msfupdate -u 2. Look for the SSL error Actual Results: SSL error Expected Results: List of available updates or "no updates found" message
After getting the framework from their mirrors, I regenerated the digest, re-emerged the package and I am still getting the SSL problem. Will try again later.
My bad, didn't realize the new correct file had -snapshot in it. Thanks for reporting, in cvs.
The new correct file is not the snapshot (that changes md5's everytime there is an update). The following log shows that the standard 2.4 package appears to be fixed. outernet ~ # wget metasploit.com/tools/framework-2.4.tar.gz --18:09:41-- http://metasploit.com/tools/framework-2.4.tar.gz => `framework-2.4.tar.gz' Resolving metasploit.com... 66.234.161.200 Connecting to metasploit.com[66.234.161.200]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 2,607,730 [application/x-tar] 100%[================================================================>] 2,607,730 598.59K/s ETA 00:00 18:09:45 (594.52 KB/s) - `framework-2.4.tar.gz' saved [2607730/2607730] outernet ~ # tar -zpxf framework-2.4.tar.gz outernet ~ # md5sum framework-2.4.tar.gz cb3319b92399c7fab68c742dc750589e framework-2.4.tar.gz outernet ~ # cd framework-2.4 outernet framework-2.4 # ./msfupdate -u + -- --=[ msfupdate v2.4 [revision 1.39] [*] Calculating local file checksums, please wait... [*] No new updates are available outernet framework-2.4 #
Hmmm, you're right. I don't know why it didn't work before, but the current release works now. Fixed in cvs. Thanks again and sorry for making a fool out of myself.
I am the one who lost the CA key, no worries ;-) Thanks!