Bug#532584: libshibsp1: Backchannel fails to contact AA
Russ Allbery
rra at debian.org
Wed Jun 10 23:20:59 UTC 2009
"Scott Cantor" <cantor.2 at osu.edu> writes:
> I think this is the reference you want:
>
> http://marc.info/?t=123721089000002&r=1&w=2
>
> Something in debian got updated and corrupted a CA list. What I can't
> explain is why libcurl is even looking at it, but I'll look into that
> if I can reproduce that elsewhere.
>
> I override the trust processing libcurl does anyway, but it may still be
> installing the root list even though it gets ignored later.
Ah, yes. If that's the case, then cleaning up the certificates in
/etc/ssl/certs to remove the duplicate should resolve the problem.
http://marc.info/?l=openssl-users&m=123729123505080&w=2 seems to be the
relevant solution.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-shibboleth-devel
mailing list