Summary: | app-misc/ca-certificates: sectigo certificates not recognized as secure | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Agostino Sarubbo <ago> |
Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2019-05-21 09:34:09 UTC
1) We never add any certificates on our own. We use whatever Mozilla is shipping (through Debian). So you would have to ask Mozilla... BUT... I don't think there's a missing certificate: 1) Which app-misc/ca-certificates version are you using? 2) Tell us how you built curl (GnuTLS and OpenSSL for example can pick different certificate paths). 3) Logs! It's still possible that you connect to a different endpoint then I do and that your endpoint is just miss-configured while my endoint works. At least we will need the certificate including chain send by server to you... That said, I cannot reproduce your report with current ca-certificates-20190110.3.43 in ~arch. There was a missing intermediate certificate. Sorry for the spam |