expired Lets Encrypt CA and fetch

tech-lists tech-lists at zyxst.net
Fri Oct 1 01:15:00 UTC 2021


On Thu, Sep 30, 2021 at 11:46:50AM -0400, mike tancsa wrote:

>fails on releng11 and some RELENG_12, but not recent releng13.  Does
>anyone know whats going on and why its so inconsistent ? If I remove the
>expired CA entry from the bundle, it works but I dont have to on all
>clients ? Anyone know whats going on ?

It fails for me on 12.2-p7 and 13.0-p4 and stable/13 as of a few days
ago with fetch.

On the stable/13 the site works in firefox-93.0,2
On lynx-,1 on the same system I get a warning if I want to
continue as it's expired (n) choose (y) and it loads
On 12.2-p7 lynx-current-2.9.0d9 is the same.

I have no clue why your recent releng13 works. Maybe your fetch on 
there is linked to the ssl a browser would use? 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20211001/a3894508/attachment.sig>

More information about the freebsd-questions mailing list