You are not logged in.

#1 2016-08-13 14:32:21

FlowIt
Member
Registered: 2014-10-25
Posts: 239

certificate validation fails with curl and gnutls

I rebuilt curl against gnutls instead of openssl and rebuilt pacman against the new curl afterwards. Unfortunatly, I cannot sync anymore because of certificates errors:

error: failed retrieving file 'core.db' from arch.32g.eu : server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

I ran update-ca-trust afterwards, that's the only thing that came to my mind.
Do you have any ideas how I can properly set up curl to work with gnutls?

Last edited by FlowIt (2016-08-13 16:03:41)

Offline

#2 2016-08-13 16:03:17

FlowIt
Member
Registered: 2014-10-25
Posts: 239

Re: certificate validation fails with curl and gnutls

This problem has nothing to do with pacman, I removed the reference from the title. It's just a problem how curl and gnutls work together. If I run curl -v https://google.com I get the following output:

* Rebuilt URL to: https://google.com/
*   Trying 2a00:1450:4001:814::200e...
* Connected to google.com (2a00:1450:4001:814::200e) port 443 (#0)
* found 0 certificates in /etc/ssl/certs/ca-certificates.crt
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_ECDSA_CHACHA20_POLY1305
* server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
* Closing connection 0

So I assume the verification fails because no certs are found. But the ca-certificates.crt file is not empty. So why cannot gnutls/curl find the appropriate certs?

Offline

Board footer

Powered by FluxBB