pkg_https:// failures related to, for example, "SSL certificate problem: certificate is not yet valid"
Date: Wed, 03 Jul 2024 17:27:03 UTC
From a bugzilla comment frombeing blocked from working on an issue (not my entry): QUOTE ( of https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280038#c37 ) Well this is a problem with that image and getting enough installed to be able to do anything like, oh, pkgbase it forward.... root@generic:~ # uname -v FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC freebsd root@generic:/home # pkg install git The package management tool is not yet installed on your system. Do you want to fetch and install it now? [y/N]: y Bootstrapping pkg from pkg+https://pkg.FreeBSD.org/FreeBSD:14:aarch64/quarterly, please wait... Certificate verification failed for /CN=pkg.freebsd.org 0020616CE1680000:error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1890: ..... pkg: Error fetching https://pkg.FreeBSD.org/FreeBSD:14:aarch64/quarterly/Latest/pkg.txz: Authentication error A pre-built version of pkg could not be found for your system. Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'. So it would appear that bootstrapping pkg is boned on releng/14.1 for the Pi at the moment. I shall have to wait until a snapshot shows up I can grab or this is corrected. END QUOTE Note the "pkg+https://". I had separate problems yesterday that I side stepped by testing use of just "pkg+http://", which worked. See: https://lists.freebsd.org/archives/freebsd-pkgbase/2024-July/000416.html pkg with -d for the https context had its debug output reporting: * SSL certificate problem: certificate is not yet valid It happened to be using 204.15.11.66:443 for the https activity. === Mark Millard marklmi at yahoo.com