Re: Keep getting SSL certificate failures

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

> Hello,

Seems to work here on Arch (with testing repos). Check your packages
are up-to-date Might be something in your network (man-in-the-middle
attack?)

# pacman -Q curl openssl glibc
curl 8.0.1-1
openssl 3.0.8-1
glibc 2.37-2

# curl --version
curl 8.0.1 (x86_64-pc-linux-gnu) libcurl/8.0.1 OpenSSL/3.0.8
zlib/1.2.13 brotli/1.0.9 zstd/1.5.4 libidn2/2.3.4 libpsl/0.21.2
(+libidn2/2.3.4) libssh2/1.10
.0 nghttp2/1.52.0
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps
mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN
IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe
TLS-SRP UnixSock
ets zstd

# curl -v https://web.archive.org
*   Trying 207.241.237.3:443...
* Connected to web.archive.org (207.241.237.3) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=*.archive.org
*  start date: Jan 19 18:59:49 2023 GMT
*  expire date: Feb 20 18:59:49 2024 GMT
*  subjectAltName: host "web.archive.org" matched cert's "*.archive.org"
*  issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.;
OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure
Certificate Authority - G2
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: web.archive.org]
* h2h3 [user-agent: curl/8.0.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x56276070aea0)
> GET / HTTP/2
> Host: web.archive.org
> user-agent: curl/8.0.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 200
< server: nginx/1.19.5
< date: Fri, 24 Mar 2023 12:12:27 GMT
< content-type: text/html; charset=utf-8
< x-app-server: wwwb-app220
< x-ts: 200
< x-tr: 2
< x-location: Slash
< x-rl: 0
< x-na: 0
< x-page-cache: MISS
< x-nid: -
< referrer-policy: no-referrer-when-downgrade
< permissions-policy: interest-cohort=()




-- 
damjan
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux