On 5/30/20 3:07 PM, Toralf Förster wrote:
> :-( :
>
> $ export GIT_TRACE=1
>
> $ git pull
> 15:07:08.488836 git.c:439 trace: built-in: git pull
> 15:07:08.504295 run-command.c:663 trace: run_command: git fetch
> --update-head-ok
> 15:07:08.506481 git.c:439 trace: built-in: git fetch
> --update-head-ok
> 15:07:08.516608 run-command.c:663 trace: run_command: GIT_DIR=.git
> git-remote-https origin
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> fatal: unable to access
> 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/': SSL
> certificate problem: certificate has expired
>
> $ curl https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
> curl: (60) SSL certificate problem: certificate has expired
> More details here: https://curl.haxx.se/docs/sslcerts.html
>
> curl failed to verify the legitimacy of the server and therefore could not
> establish a secure connection to it. To learn more about this situation and
> how to fix it, please visit the web page mentioned above.
>
Well, the cert is expired: "notAfter=May 30 10:48:38 2020 GMT"
echo | openssl s_client -showcerts -connect git.kernel.org:443
CONNECTED(0003)
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN =
AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN =
AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN =
AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=kernel.org
i:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
-BEGIN CERTIFICATE-
MIIGszCCBZugAwIBAgIQRF7gFMlJ3UO909a39zv1mzANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
HhcNMTkwOTI3MDAwMDAwWhcNMjAwOTI3MjM1OTU5WjBbMSEwHwYDVQQLExhEb21h
aW4gQ29udHJvbCBWYWxpZGF0ZWQxITAfBgNVBAsTGFBvc2l0aXZlU1NMIE11bHRp
LURvbWFpbjETMBEGA1UEAxMKa2VybmVsLm9yZzCCAaIwDQYJKoZIhvcNAQEBBQAD
ggGPADCCAYoCggGBAOD0/Tk0EeH6/ahZQAiBtoMMY8Bxmql2kxJ+smBIP9Yq+MtJ
utc/CeUbnTTnpLDf1nTjqJ6AGyCE+pzw8sPSXKJrY6he1jjCafjsx193KMvqCUty
SZgDdsV7AKr4KjbbQ9CE3tTR1cBKYcCvro4elAXcLbG53qWe/UXwcIPmvwj8n2WW
irMHTr4b+x1Pr7B2Vhc2IHFdnzb43krTXiXuuWCo84281hxO7EIlD3Enjm7rICpU
coldqOaNS3LRkeiR8RrbQfyiqI8XncSykjzVbOZVSVRCvLzRL0MsBKU1F/WMoBYc
ahV92wnYnpGD1s7Wi1eP8ne5+5SPqwS43G4AXxH0hdU7gkHS4i0n7nGmmfRIxD+I
57dvXdnxgSyT21IHp+lMFashblRg8+ZZD5Oy1ouTqBe604FXsjryeQqRUFePTPRB
vYxlg31qne/UUPpo1GcDAjsTv6YSUyUjXoINBQsvpDUgHYkOkHXEyMVRynpBsbJA
p0elmqf4aMr89tn72QIDAQABo4IC7TCCAukwHwYDVR0jBBgwFoAUs5Cn2MmvTs1h
PJ98rV1/Qf1pMOowHQYDVR0OBBYEFLr+wGAi2JEEPCMYIvyjFmMlmLK/MA4GA1Ud
DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEW
GWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgw
NqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NM
Q0EyLmNybDBzBggrBgEFBQcBAQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQu
dXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNydDAlBggrBgEFBQcw
AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTBdBgNVHREEVjBUggprZXJuZWwu
b3JnghJhcmNoaXZlLmtlcm5lbC5vcmeCDmdpdC5rZXJuZWwub3JnghJtaXJyb3Jz
Lmtlcm5lbC5vcmeCDnd3dy5rZXJuZWwub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB
8gDwAHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFtcsuYjgAA
BAMARzBFAiAgbvK3x78RoQXt035wmJqTm/wMFWgfla2ctSyBXLzepAIhAKApjbW3
8p0jlaBkrKQA8eEieenCN5F+PZtm8JSHhAD2AHYAXqdz+d9WwOe1Nkh90EngMnqR
mgyEoRIShBh1loFxRVgAAAFtcsuYsgAABAMARzBFAiEA4JnyL5WAsHHd4WbhqoG6
/C3KFYmZGg04YUFxqAzwbpMCIBjHZMvO/LKSdVcKC45c5FJwc75O/2+7vbkfFAn1
/WV4MA0GCSqGSIb3DQEBCwUAA4IBAQASeh5QNteAKqY+sr7uBTHq56v1MJbbdMO7
QJaCSQd4P2OSQDA83oGfdkj458+d9gMTvBu+pNi1/l0aIz1IMEsuAJNXhN5jLCB/
n1CHaTK5b9Oda96+MejWAiiTNZo1UBLQ5ixNvGp1MHDklELm/supbatSCP65eEpp
E7OI5lLxCLrvsiwUaSKIIO2tEIgwiMkwopdMgwJa7RqljUP7YlYKnAxizOi+yTrA
nXA0OqLtrl5pwnN3Uj/F91X6c6tOvHWkNZ1qPad6r7ZHCP8mq3RFiMeSixiJ6LR2
gtFRKmvMIUIESh60F91+2AeUfCa/tBfOM+PDpsNNaZ+iHHaicAIw
-END CERTIFICATE-
1 s:/C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA
Certification Authority
-BEGIN CERTIFICATE-
MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
OTEyMDAwMDAwWhcNMjQwOTExMjM1OTU5WjBfMQswCQYD