I tested building a 3.72 package but that also does not solve the problem.
$ pkgrepo -s i386/repo/ list PUBLISHER NAME O VERSION userland crypto/ca-certificates 3.72-2020.0.1.0:20211028T165026Z The problem remains for both 3.71 and 3.72 that $ pkg contents ca-certificates | grep DST etc/certs/CA/DST_Root_CA_X3.pem So the expired certificate remains in the package. I am not certain how this should be solved. https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ is clear about several ways to fix it on a client machine. Perhaps escalating / providing a patch "upstream" to the source of those root certificates ?? Regards, David Stes _______________________________________________ oi-dev mailing list [email protected] https://openindiana.org/mailman/listinfo/oi-dev
