On 3/10/26 2:39 AM, Otto Moerbeek wrote:
> On Tue, Mar 10, 2026 at 01:05:48PM +0700, hahahahacker2009 wrote:
>
>> Vào Thứ 7, 7 thg 3, 2026 vào lúc 06:08 James Jerkins
>> <james@jamesjerkinscomputer.com> đã viết:
>> >
>> > On 03/05/26, Nick Holland wrote:
>> > > that problem was malformed URLs in the links, if you removed the duplicate
>> > > part of the URL, it worked as expected. krw@ had already found and fixed
>> > > the problem, but I hadn't updated it in the running code (oops!). This
>> > > has been fixed now.
>> > >
>> >
>> > Thanks, that fixed the duplicate URLs!
>> >
>> > Every https request to the new cvsweb from Lynx displays an error:
>> >
>> > "SSL error:unable to get local issuer certificate"
>> >
>> > Checking the certs returned via the command line shows certs for cvsweb
>> > and the intermediate.
>> >
>> > CONNECTED(00000003)
>> > depth=0 CN = cvsweb.openbsd.org
>> > verify error:num=20:unable to get local issuer certificate
>> > verify return:1
>> > ---
>> > Certificate chain
>> > 0 s:/CN=cvsweb.openbsd.org
>> > i:/C=US/O=Let's Encrypt/CN=R12
>> > -----BEGIN CERTIFICATE-----
>> >
>> > Can the new cvsweb send the full certificate chain or is this a
>> > Lynx problem?
>> >
>>
>> curl also fail. I think certificates should always be read using
>> a function that read a certificate chain?
>>
>> > I love the new bike shed and the paint color. Job well done to Ken and Nick!
>> > Thank you both for improving cvsweb.
>> >
>> >
>>
>
> Looking with opensls s_client, this seems more like the server only
> sends the certificate and not the full chain. Some clients do not like
> that.
>
> -Otto
>
this should be fixed now.
Nick.
No comments:
Post a Comment