On Tue, Mar 5, 2013 at 2:22 AM, Adrian Schröter
On Montag, 4. März 2013, 12:56:29 wrote Archie Cobbs:
This is on a 12.2 system where I'm attempting to run osc for the first time:
$ osc build
*** certificate verify failed at depth 1
Subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert
High Assurance CA-3
Issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert
High Assurance EV Root CA
Valid: Apr 2 12:00:00 2008 GMT - Apr 3 00:00:00 2022 GMT
Fingerprint(MD5): C68B9930C8578D416F8C094E6ADB0C90
Fingerprint(SHA1): 42857855FB0EA43F54C9911E30E7791D8CE82705
hm, in case I use openssl correctly, these are not our finger prints.
# openssl x509 -noout -in w -fingerprint
SHA1 Fingerprint=F0:76:9C:42:D3:F1:C0:ED:C6:F6:15:C0:F8:D5:C7:29:60:EB:53:46
# openssl x509 -noout -in w -hash
b98ab90b
Are you sure that there is no proxy in between which sneaks into the SSL connection?
I don't think so... and if you look at the certificate, it has *.opensuse.org as the CN. Is DigiCert in the CA chain for the real certificate? I think (one of) the upstream CA's is missing from some CA cache. I'd like to reproduce the problem but I can't because I accepted the certificate. Where in the filesystem is it stored so I can revert that? -Archie -- Archie L. Cobbs -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org