Hi all, I just noticed that some of my servers are having trouble while running `apt-get update`, apparently due to TLS issues with apt.puppetlabs.com.
`apt-get update` returns: W: Failed to fetch https://apt.puppetlabs.com/dists/lucid/main/source/Sources.gz server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none However, I can access https://apt.puppetlabs.com fine via curl or Chrome, and the relevant root certificate is indeed in /etc/ssl/certs/ca-certificates.crt. But on closer inspection, it seems that the certificate chain returned when connecting to apt.puppetlabs.com contains two copies of the *.puppetlabs.com certificate as the first two links in the chain. I imagine it's possible that certain clients reject this as invalid. Has anybody else noticed this behaviour? In the meantime, I see that newer "puppetlabs-release-*.deb" packages use http://apt.puppetlabs.com (i.e. no https://), so I guess I have some apt-sources updating to do... Regards, Chris -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/941c4359-aff1-47af-b741-1b47aa5881f6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
