Bug ID 1191220
Summary New Let's Encrypt certificate cannot be verify in Mono
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Basesystem
Assignee screening-team-bugs@suse.de
Reporter martin.liska@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

The following fails:

$ csharp -e 'new System.Net.WebClient ().DownloadString ("https://seznam.cz")'
System.Net.WebException: Error: TrustFailure (Authentication failed, see inner
exception.) ---> System.Security.Authentication.AuthenticationException:
Authentication failed, see inner exception. ---> Mono.Btls.MonoBtlsException:
Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED
  at
/home/abuild/rpmbuild/BUILD/mono-6.12.0.107/external/boringssl/ssl/handshake_client.c:1132
  at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00048] in
<83dd749384734033afca92f4cfac782c>:0 
  at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake
(Mono.Net.Security.AsyncOperationStatus status, System.Boolean renegotiate)
[0x000da] in <83dd749384734033afca92f4cfac782c>:0 
  at (wrapper remoting-invoke-with-check)
Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake(Mono.Net.Security.AsyncOperationStatus,bool)
  at Mono.Net.Security.AsyncHandshakeRequest.Run
(Mono.Net.Security.AsyncOperationStatus status) [0x00006] in
<83dd749384734033afca92f4cfac782c>:0 
  at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation
(System.Threading.CancellationToken cancellationToken) [0x000fc] in
<83dd749384734033afca92f4cfac782c>:0 
   --- End of inner exception stack trace ---
  at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication
(System.Boolean runSynchronously,
Mono.Net.Security.MonoSslAuthenticationOptions options,
System.Threading.CancellationToken cancellationToken) [0x00262] in
<83dd749384734033afca92f4cfac782c>:0 
  at Mono.Net.Security.MonoTlsStream.CreateStream
(System.Net.WebConnectionTunnel tunnel, System.Threading.CancellationToken
cancellationToken) [0x0016a] in <83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation,
System.Boolean reused, System.Threading.CancellationToken cancellationToken)
[0x001ba] in <83dd749384734033afca92f4cfac782c>:0 
   --- End of inner exception stack trace ---
  at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation,
System.Boolean reused, System.Threading.CancellationToken cancellationToken)
[0x0021a] in <83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebConnection.InitConnection (System.Net.WebOperation
operation, System.Threading.CancellationToken cancellationToken) [0x00141] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebOperation.Run () [0x0009a] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebCompletionSource`1[T].WaitForCompletion () [0x00094] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.HttpWebRequest.RunWithTimeoutWorker[T]
(System.Threading.Tasks.Task`1[TResult] workerTask, System.Int32 timeout,
System.Action abort, System.Func`1[TResult] aborted,
System.Threading.CancellationTokenSource cts) [0x000f8] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.HttpWebRequest.GetResponse () [0x00016] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebClient.GetWebResponse (System.Net.WebRequest request)
[0x00000] in <83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebClient.DownloadBits (System.Net.WebRequest request,
System.IO.Stream writeStream) [0x000e6] in <83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebClient.DownloadDataInternal (System.Uri address,
System.Net.WebRequest& request) [0x00061] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebClient.DownloadString (System.Uri address) [0x00011] in
<83dd749384734033afca92f4cfac782c>:0 
  at System.Net.WebClient.DownloadString (System.String address) [0x00008] in
<83dd749384734033afca92f4cfac782c>:0 
  at <InteractiveExpressionClass>.Host (System.Object& $retval) [0x00006] in
<bab8bbbe52954fd79168395f7636506e>:0 
  at Mono.CSharp.Evaluator.Evaluate (System.String input, System.Object&
result, System.Boolean& result_set) [0x00038] in
<dc18f8c1f3e14d9a83758fe12bb22a10>:0 
  at Mono.CSharpShell.Evaluate (System.String input) [0x00000] in
<a01f5168c3824ddfb7cf74041d74890a>:0 

It's discussed in the upstream issue: https://github.com/mono/mono/issues/12406
But I cannot fix it with:
sudo cert-sync /etc/ssl/certs/ca-certificates.crt

You are receiving this mail because: