Summary: | [awesome] Repository URI unaccessible | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Michał Górny <mgorny> |
Component: | Overlays | Assignee: | Daniel Morlock <info> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://qa-reports.gentoo.org/output/repos/awesome.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 552950 |
Description
Michał Górny
2016-10-30 17:05:06 UTC
FYI, this is most likely due to recent change in ca-certificates, so you can expect that most Gentoo users won't be able to sync by default. We get A+ ratings from SSLLabs: https://www.ssllabs.com/ssltest/analyze.html?d=gitlab.awesome-it.de&s=37.120.164.191 We know that StartCom is known to be removed in futur but the current certs should be valid until they expire. Was StartCom already removed from the Gentoo ca-certificates? I think it was placed under insecure USE flag that is off by default. And confirmed: if ! use insecure_certs ; then # Remove untrusted certs from StartCom and WoSign (bug #598072) rm "${c}"/mozilla/StartCom* || die rm "${c}"/mozilla/WoSign* || die fi We changed our SSL authority to Let's Encrypt Authority X3: https://www.ssllabs.com/ssltest/analyze.html?d=gitlab.awesome-it.de&s=37.120.164.191 The repo URI should now be working again. |