Hi,
I do have a TLS certificate issue in BLFS, maybe someone can enlighten me
what's happening here:
Trying to build rustc-1.23 fails for me, due to curl not willing to
download from https://dev-static.rust-lang.org . The CA that signed it
("Starfield Technologies, Inc") seems to be in /etc/ssl/certs
(f387163d.pem), created by a recent run of make-ca.sh .
However, that one slightly differs from the certificate actually used in
the chain from dev-static.rust-lang.org : The one in /etc/ssl/certs
additionally contains 2 "Trusted Uses", "BEGIN TRUSTED CERTIFICATE"
instead of "BEGIN CERTIFICATE" and because of that the certificate is a
few bytes longer (after being mostly identical).
Adding the actual root certificate of dev-static.rust-lang.org to
/etc/ssl/certs (i.e. the one without additional Trusted Uses) makes
curl and therefore rustc happy.
What am I missing? Who added that trust? Why is the one without trust
needed instead? What would be in charge of ignoring the trust? Is anybody
else seeing this?
Thanks in advance.
Uwe
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
