From: Brian Inglis <Brian.Inglis@SystematicSw.ab.ca>
To: cygwin@cygwin.com
Subject: Re: [ANNOUNCEMENT] Test: curl, libcurl{4, -devel, -doc}, mingw64-{x86_64, i686}-curl 7.86 (TEST)
Date: Thu, 3 Nov 2022 11:48:49 -0600 [thread overview]
Message-ID: <a898eab2-9365-1ca5-e869-886ca4faaf19@SystematicSw.ab.ca> (raw)
In-Reply-To: <87bkpo1obo.fsf@Otto.invalid>
On Thu, 03 Nov 2022 08:36:59 +0100, ASSI wrote:
> Lemures Lemniscati writes:
>> curl: (60) SSL certificate problem: unable to get local issuer certificate
>> More details here: https://curl.se/docs/sslcerts.html
>>
>> curl failed to verify the legitimacy of the server and therefore could not
>> establish a secure connection to it. To learn more about this situation and
>> how to fix it, please visit the web page mentioned above.
>> ls: cannot access 'index.html': No such file or directory
>> ==========
>>
>> I don't know whether the result is expeced.
>> If so, is there any help?
> Try to run update-ca-trust as the user that originally did the installation.
I think Achim is referring to the fix to an earlier issue, where there were
similar problems with ca-certificates after p11-kit removed write permission to
the directory /etc/pki/ca-trust/extracted/pem/directory-hash, so update-ca-trust
failed when run in the postinstall script.
Check:
$ grep -B1 'chmod' /usr/bin/update-ca-trust
# p11-kit removes write permission to the directory
chmod u+w $DEST/pem/directory-hash
--
/usr/bin/ln -s ../tls-ca-bundle.pem $DEST/pem/directory-hash/ca-bundle.crt
chmod a-w $DEST/pem/directory-hash
You may have to check /etc/pki/ca-trust/extracted/pem/directory-hash permissions
with ls -l, getfacl, and
$ icacls `cygpath -m /etc/pki/ca-trust/extracted/pem/directory-hash`
if there is still an issue, and fix any permissions issues, or run setup to
upgrade or reinstall ca-certificates and ...-letsencrypt.
--
Take care. Thanks, Brian Inglis Calgary, Alberta, Canada
La perfection est atteinte Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry
prev parent reply other threads:[~2022-11-03 17:48 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-01 21:24 Cygwin curl Maintainer
2022-11-02 18:07 ` Achim Gratz
2022-11-03 1:38 ` Lemures Lemniscati
[not found] ` <Y2MjCqOFZ0PqdN2G@xps13>
2022-11-03 6:43 ` Lemures Lemniscati
2022-11-03 7:36 ` ASSI
2022-11-03 17:48 ` Brian Inglis [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a898eab2-9365-1ca5-e869-886ca4faaf19@SystematicSw.ab.ca \
--to=brian.inglis@systematicsw.ab.ca \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).