konqueror cannot connect to https://www.cacert.org: An error occurred while loading https://www.cacert.org/: Could not connect to host www.cacert.org. In ~/.xsession-errors: 30956:error:140943FC:lib(20):func(148):reason(1020):s3_pkt.c:1057:SSL alert number 20 I am running right now revedep-rebuild --library libcrypto.so.0.9.7 and afterwards the same for libssl.so.0.9.7 as suggested by the openssl ebuild. From the openssl ebuild: You must re-compile all packages that are linked against OpenSSL 0.9.7 by using revdep-rebuild from gentoolkit How is that to be understood, why is openssl-0.9.8 installing those 0.9.7 compatibility libs, if I then _have_to_ re-compile? Is that not more a "it is highly suggested as packages might be broken now, despite the fact that they should not be"? Reproducible: Always
So run the revdep-rebuild and then delete the old libs...
(In reply to comment #0) > How is that to be understood, why is openssl-0.9.8 installing those 0.9.7 > compatibility libs, if I then _have_to_ re-compile? Is that not more a "it is > highly suggested as packages might be broken now, despite the fact that they > should not be"? No, it's not a suggestion, you must do it. The old libs are left there so that you could at least emerge --sync and fetch stuff via wget.
(In reply to comment #2) > > No, it's not a suggestion, you must do it. The old libs are left there so that > you could at least emerge --sync and fetch stuff via wget. Thx for the explanation - I did: revdep-rebuild -X --library libssl.so.0.9.7 rm /usr/lib/libssl.so.0.9.7 revdep-rebuild -X --library libcrypto.so.0.9.7 rm /usr/lib/libcrypto.so.0.9.7 I then did an revdep-rebuild -X and it showed no broken dependencies. With disabled SSLv2, konqueror is still not able to access https://www.cacert.org, with SSLv2 enabled it works. Firefox with disabled SSLv2 is able to access https://www.cacert.org. A comment from cacert-support mailing list from Duane: > Bug in Konq prevents some people from connecting, we attempted to modify > the apache config to get around the problem in Konq, but obviously > haven't succeeded in all case. > > The problem seems to occur when people disable SSLv2 in Konq, and it is > only present in some recent versions of the software. No other browsers > tested have this problem.
Having the same problem here...
(In reply to comment #0) > How is that to be understood, why is openssl-0.9.8 installing those 0.9.7 > compatibility libs, if I then _have_to_ re-compile? Is that not more a "it is > highly suggested as packages might be broken now, despite the fact that they > should not be"? If the older libs wouldn't be retained, apps would miss them - running system broken. You don't want that. :) Valid bug, please follow https://bugs.kde.org/show_bug.cgi?id=142553