Re: How to make apt-transport-https accept security.debian.org bad certificate?

[Michael Jones <mj@mikejonesey.co.uk>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 20/10/15 09:06, Michael Jones wrote:
> On 20/10/15 09:01, Michael Jones wrote:
>>> no peer certificate available
> correction, needed sni, will re-test
> 
> mike@mike-laptop3:~$ openssl s_client -showcerts -connect 
> debian.org:443 -servername security.debian.org  </dev/null 
> CONNECTED(00000003) depth=2 C = US, ST = New Jersey, L = Jersey
> City, O = The USERTRUST Network, CN = USERTrust RSA Certification
> Authority verify error:num=20:unable to get local issuer
> certificate verify return:0

back home now, had another look, ssl is not available on the server
security.debian.org, so you won't be able to change the protocol to
https. If for whatever reason you wanted ssl, you could either have an
ssl proxy or a mirror that provided ssl.

mike@mike-laptop3:~$ wget
"https://security.debian.org/debian-security/dists/jessie/updates/non-fr
ee/binary-i386/Packages.bz2"
- --2015-10-20 21:35:34--
https://security.debian.org/debian-security/dists/jessie/updates/non-fre
e/binary-i386/Packages.bz2
Resolving security.debian.org (security.debian.org)... 195.20.242.89,
212.211.132.32, 212.211.132.250, ...
Connecting to security.debian.org
(security.debian.org)|195.20.242.89|:443... failed: Connection refused.
Connecting to security.debian.org
(security.debian.org)|212.211.132.32|:443... failed: Connection refused.
Connecting to security.debian.org
(security.debian.org)|212.211.132.250|:443... failed: Connection refused
.
Connecting to security.debian.org
(security.debian.org)|2001:a78:5:1:216:35ff:fe7f:6ceb|:443... failed:
Network is unreachable.
Connecting to security.debian.org
(security.debian.org)|2001:a78:5:0:216:35ff:fe7f:be4f|:443... failed:
Network is unreachable.

mike@mike-laptop3:~$ openssl s_client -showcerts -connect
security.debian.org:443 -servername apache.org  </dev/null
connect: Connection refused
connect:errno=111

mike@mike-laptop3:~$ nmap security.debian.org -Pn -p 443 2>&1 | grep 443
443/tcp closed https

Kind Regards,
Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWJqX5AAoJEOYwtpHNe8FmaLkH/3PjtG7fEUmm5iHemoplpgA6
2V0LRxeyT/mJhyB0DKV9snhqOjDNMwDhgUMF/uj6S5TpVasHg+H6fR5vjzSHR4Q/
tcs3zEhPnZTQOrED1KB37P716zDtYScsxqZDwqnSHEi/JAeX3k54OZmPuPACMnvh
L5fLs0KtpMa038zeoncsOMBhnV8yvJDX2Tms08einKnGRahEXwhBZ/myb996sDqu
td1OgrlTZjNYcexee0bEGZAa8BqKAugDhO/FQJrgJpff/5KtbzosHMKyXk86DPxK
fRaDplZLix8SnyFWc7qY+o+Jly61h0WyZ/PeY17qVa9A7yYvVEkLOoXkiyx3UyE=
=gIdP
-----END PGP SIGNATURE-----