Hello World! With the recent problems with kernel.org I've switched to getting the kernel source from github. However, when I first started to pull I encountered this problem:
andy:~/save/src/linux$ git pull https://github.com/torvalds/linux.git error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/torvalds/linux.git/info/refs fatal: HTTP request failed andy:~/save/src/linux$ There are several ways to work around this. Probably the simplest solution is to change the "https" in the url to "git" and then it just works. Another solution is to get git to tell curl not to verify the ssl certificate. This can be done by setting this environment variable: export GIT_SSL_NO_VERIFY=true. You can make this change in ~/.gitconfig with the command: git config --global http.sslverify "false" And as root you can set it for everyone who uses the computer: git config --system http.sslverify "false" But I wasn't happy with that, if my git couldn't use https that wasn't good enough. As mentioned earlier, the ssl certificate is verified by curl and this is actually a problem with how curl was set up. When installing curl, it's possible to generate a bundle of ssl certificates with the command: make ca-bundle That will download a file from the mozilla source and run a perl script to extract the ssl certificates. If you already have a copy of the Firefox source you can use that instead of downloading it again (useful if you're installing offline): cp /path/to/firefox/security/nss/lib/ckfw/builtins/certdata.txt . perl lib/mk-ca-bundle.pl -n mv ca-bundle.crt /etc/ssl/certs Now all that is needed is to tell git about the ssl certificates: git config --global http.sslcainfo /etc/ssl/certs/ca-bundle.crt That will make the change in ~/.gitconfig To do it for everyone in /etc/gitconfig as root: git config --system http.sslcainfo /etc/ssl/certs/ca-bundle.crt Hope that helps someone avoid retracing my steps Andy -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
