http://bugzilla.opensuse.org/show_bug.cgi?id=1191220 Bug ID: 1191220 Summary: New Let's Encrypt certificate cannot be verify in Mono Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: martin.liska@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- The following fails: $ csharp -e 'new System.Net.WebClient ().DownloadString ("https://seznam.cz")' System.Net.WebException: Error: TrustFailure (Authentication failed, see inner exception.) ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED at /home/abuild/rpmbuild/BUILD/mono-6.12.0.107/external/boringssl/ssl/handshake_client.c:1132 at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00048] in <83dd749384734033afca92f4cfac782c>:0 at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake (Mono.Net.Security.AsyncOperationStatus status, System.Boolean renegotiate) [0x000da] in <83dd749384734033afca92f4cfac782c>:0 at (wrapper remoting-invoke-with-check) Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake(Mono.Net.Security.AsyncOperationStatus,bool) at Mono.Net.Security.AsyncHandshakeRequest.Run (Mono.Net.Security.AsyncOperationStatus status) [0x00006] in <83dd749384734033afca92f4cfac782c>:0 at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (System.Threading.CancellationToken cancellationToken) [0x000fc] in <83dd749384734033afca92f4cfac782c>:0 --- End of inner exception stack trace --- at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Boolean runSynchronously, Mono.Net.Security.MonoSslAuthenticationOptions options, System.Threading.CancellationToken cancellationToken) [0x00262] in <83dd749384734033afca92f4cfac782c>:0 at Mono.Net.Security.MonoTlsStream.CreateStream (System.Net.WebConnectionTunnel tunnel, System.Threading.CancellationToken cancellationToken) [0x0016a] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x001ba] in <83dd749384734033afca92f4cfac782c>:0 --- End of inner exception stack trace --- at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x0021a] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebConnection.InitConnection (System.Net.WebOperation operation, System.Threading.CancellationToken cancellationToken) [0x00141] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebOperation.Run () [0x0009a] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebCompletionSource`1[T].WaitForCompletion () [0x00094] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.HttpWebRequest.RunWithTimeoutWorker[T] (System.Threading.Tasks.Task`1[TResult] workerTask, System.Int32 timeout, System.Action abort, System.Func`1[TResult] aborted, System.Threading.CancellationTokenSource cts) [0x000f8] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.HttpWebRequest.GetResponse () [0x00016] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebClient.GetWebResponse (System.Net.WebRequest request) [0x00000] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebClient.DownloadBits (System.Net.WebRequest request, System.IO.Stream writeStream) [0x000e6] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebClient.DownloadDataInternal (System.Uri address, System.Net.WebRequest& request) [0x00061] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebClient.DownloadString (System.Uri address) [0x00011] in <83dd749384734033afca92f4cfac782c>:0 at System.Net.WebClient.DownloadString (System.String address) [0x00008] in <83dd749384734033afca92f4cfac782c>:0 at <InteractiveExpressionClass>.Host (System.Object& $retval) [0x00006] in <bab8bbbe52954fd79168395f7636506e>:0 at Mono.CSharp.Evaluator.Evaluate (System.String input, System.Object& result, System.Boolean& result_set) [0x00038] in <dc18f8c1f3e14d9a83758fe12bb22a10>:0 at Mono.CSharpShell.Evaluate (System.String input) [0x00000] in <a01f5168c3824ddfb7cf74041d74890a>:0 It's discussed in the upstream issue: https://github.com/mono/mono/issues/12406 But I cannot fix it with: sudo cert-sync /etc/ssl/certs/ca-certificates.crt -- You are receiving this mail because: You are on the CC list for the bug.