[Bug 276202] ports-mgmt/pkg

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 08 Jan 2024 19:11:53 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276202

            Bug ID: 276202
           Summary: ports-mgmt/pkg
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: pkg@FreeBSD.org
          Reporter: dave@jetcafe.org
          Assignee: pkg@FreeBSD.org
             Flags: maintainer-feedback?(pkg@FreeBSD.org)

So I was upgrading to Q4 (I know, I'm behind) and imagine my surprise when pkg
1.19 worked fine but pkg 1.20.9 suddenly breaks:

# pkg update
pkg: An error occured while fetching package

Tracing this down with the -d switch:

* Hostname mypkgs.dream-tech.com was found in DNS cache
*   Trying 172.17.1.1:443...
* Connected to mypkgs.dream-tech.com (172.17.1.1) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate

Now I have proper Let's Encrypt certificates for the host "mypkgs" so this
shouldn't be happening? That CApath ... it doesn't exist on my system

# ls -l /etc/ssl
total 7
lrwxr-xr-x  1 root  wheel     43 Dec  6 19:49 cert.pem ->
../../usr/local/share/certs/ca-root-nss.crt
-rw-r--r--  1 root  wheel  10921 May  9  2022 openssl.cnf

I'm filing this as a bug only because the previous version worked without
changing the setup. Possible workaround solutions for me are:

1) Figure out what /etc/ssl/certs is supposed to be and link that
2) Trace down or google which environment variable is equivalent to the -k
switch in cURL (don't verify certificates)

Is there anything I am missing?

-- 
You are receiving this mail because:
You are the assignee for the bug.