Hi,
On Wed, 23 Nov 2022 at 18:18, Tobias Geerinckx-Rice wrote:
> It's incorrectly sending an ISRG Root X1 certificate, which chains
> to the expired DST Root CA X3.
>
> It should not send ISRG Root X1 at all.
Thanks for the explanations. Reported upstream.
Cheers,
simon
Hi Simon,
zimoun 写道:
Is it a bug in Guix nss-certs side? Or on Gitlab server side?
No Guix bug, the server is misconfigured.
It's incorrectly sending an ISRG Root X1 certificate, which chains
to the expired DST Root CA X3.
It should not send ISRG Root X1 at all.
Kind regards,
T G-R
Hi,
Well, using nss-certs@3.81, I get this failure,
--8<---cut here---start->8---
$ guix time-machine --commit=785fd09af0e161906e984944ddae363c384b66dd \
-- show nss-certs | recsel -p version
version: 3.81
$ guix time-machine