[Debian-l10n-devel] changes to SSL config on debian.org hosts?

Paul Wise pabs at debian.org
Wed Jan 7 13:40:07 UTC 2015

On Wed, 2015-01-07 at 09:31 -0400, David Prévot wrote:

> If I understand correctly, things that have been broken since ca
> December 15th should be fixed now. Yet, the Perl spider used for l10n
> purpose is still broken from tye, so is cURL:
> taffit at tye:~$ curl https://lists.debian.org/debian-l10n-portuguese
> curl: (60) SSL certificate problem: unable to get local issuer certificate
> More details here: http://curl.haxx.se/docs/sslcerts.html
> Can anything be done here (e.g., making lists.d.o available via HTTP
> would be a more viable option than having stuff broken for another month)?

curl is one of those broken pieces of software that doesn't know how to
verify service certificates directly. The appropriate workaround for
curl is to add --capath /etc/ssl/ca-debian to the curl command-line.

I suspect that the spider has the same problem and should use a similar
workaround until the underlying software is fixed.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/debian-l10n-devel/attachments/20150107/ff2e7a95/attachment.sig>

More information about the Debian-l10n-devel mailing list