apt-transport-https fail after squeeze upgrade

To: deity@lists.debian.org
Subject: apt-transport-https fail after squeeze upgrade
From: Johannes Ernst <johannes.ernst@gmail.com>
Date: Sat, 14 Aug 2010 12:11:39 -0700
Message-id: <[🔎] C492A3CF-1061-438D-9D12-0909C798D20A@gmail.com>

I have an apt https setup with client certs that has been working fine for lenny. After upgrading to squeeze, it fails. Has anything changed in the configuration? I'm not really able to find any relevant documentation ...

Details:

----

Error message on client (that runs apt):

Err https://FOO foo/main Packages
  SSL connection timeout
W: Failed to fetch https://FOO/FOO/dists/foo/main/binary-i386/Packages.gz  SSL connection timeout

----

SSL log on the server (that runs apt-cacher):

squeeze:
[14/Aug/2010:19:05:19 +0000] 192.168.1.5 SSLv3 - - -

compare with lenny:
[14/Aug/2010:10:11:06 +0000] 192.168.1.6 SSLv3 DHE-RSA-AES128-SHA FOO FOO.com

----

/etc/apt/apt.conf.d/client-cert:

Acquire {
  https {
        Verify-Peer "false";
        CaPath  "/etc/ssl/certs";
        Verify-Host "false";
        AllowRedirect  "true";

        SslCert "/etc/FOO/FOO.crt";
        SslKey  "/etc/FOO/FOO.key";
        SslForceVersion "SSLv3"; // Somehow it does not work unless we do this (this is a lenny comment, but changing it does not change matters in squeeze)
  }
}

----

When I use the same client cert files with curl on squeeze, I can access the file that apt fails to access.


Any ideas?

Reply to:

Follow-Ups:
- Re: apt-transport-https fail after squeeze upgrade
  - From: David Kalnischkies <kalnischkies+debian@gmail.com>

Prev by Date: Bug#592951: apt: [INTL: it] Italian translation not update
Next by Date: [l10n] What branch should I work on wrt APT for Debian squeeze
Previous by thread: Bug#592951: apt: [INTL: it] Italian translation not update
Next by thread: Re: apt-transport-https fail after squeeze upgrade
Index(es):
- Date
- Thread