Re: armhf: buster: TLS / HTTPS partly broken

To: debian-user@lists.debian.org
Subject: Re: armhf: buster: TLS / HTTPS partly broken
From: Reco <recoverym4n@enotuniq.net>
Date: Sun, 3 May 2020 20:55:42 +0300
Message-id: <[🔎] E1jVIq6-0001iW-HI@enotuniq.net>
In-reply-to: <[🔎] CAEE5dN3Xe5hhVC8kM7vWD8kzxzVf8pcaWZu0o3DmukgRP8L=vQ@mail.gmail.com>
References: <[🔎] E1jVGpp-0001cB-Tq@enotuniq.net> <[🔎] CAEE5dN3Xe5hhVC8kM7vWD8kzxzVf8pcaWZu0o3DmukgRP8L=vQ@mail.gmail.com>

On Sun, May 03, 2020 at 07:20:13PM +0200, Mark Jonas wrote:
> Hi Reco,
> 
> >> curl: (60) SSL certificate problem: unable to get local issuer certificate
> >>
> >> Does that mean a TLS library does not feature all required protocols on armhf?
> >
> > TLS library that curl uses (openssl) is perfectly fine, but it cannot
> > validate any certificate unless you provide it with root CA
> > certificates.
> > So it likely means you haven't installed "ca-certificates" package.
> 
> This is what it looks like. But actually I installed ca-certificates.

Ok. Can you run tcpdump while you're running curl?
Specifically,

tcpdump -s0 -pnni any -w /tmp/curl.pcap tcp port 443

Reco

Reply to:

References:
- Re: armhf: buster: TLS / HTTPS partly broken
  - From: Reco <recoverym4n@enotuniq.net>
- Re: armhf: buster: TLS / HTTPS partly broken
  - From: Mark Jonas <toertel@gmail.com>

Prev by Date: Re: Anti-malware for my personal Debian workstation?
Next by Date: Re: /etc/default/keyboard not loaded at startup
Previous by thread: Re: armhf: buster: TLS / HTTPS partly broken
Next by thread: Re: armhf: buster: TLS / HTTPS partly broken
Index(es):
- Date
- Thread