GNU bug report logs - #24396
25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)

Previous Next

Package: emacs;

Reported by: Zack Weinberg <zackw <at> panix.com>

Date: Thu, 8 Sep 2016 17:37:02 UTC

Severity: normal

Tags: security

Merged with 28603

Found in versions 25.1, 25.3

Done: Ted Zlatanov <tzz <at> lifelogs.com>

Bug is archived. No further changes may be made.

Full log

Message #16 received at 24396 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Glenn Morris <rgm <at> gnu.org>
Cc: 24396 <at> debbugs.gnu.org, zackw <at> panix.com
Subject: Re: bug#24396: 25.1;
 Doesn't trust Let's Encrypt certificates (used by MELPA)
Date: Sat, 10 Sep 2016 08:46:19 +0300

> From: Glenn Morris <rgm <at> gnu.org>
> Date: Fri, 09 Sep 2016 15:55:48 -0400
> Cc: 24396 <at> debbugs.gnu.org
> 
> http://emacs.stackexchange.com/questions/18045/how-can-i-retrieve-an-https-url-on-mac-os-x-without-warnings-about-an-untrusted
> 
> seems relevant.
> 
> I guess OS X uses some system keychain for SSL certs that is opaque to Emacs.
> Perhaps it should learn to understand it, if that's even possible.

Isn't that the GnuTLS job?  (The OP's build is linked against GnuTLS.)
That's what happens on MS-Windows: GnuTLS uses the system-wide
certificate store, not the files you find on a typical Posix box.  We
already request GnuTLS to use system certificate store.

This bug report was last modified 7 years and 162 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #24396 25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)

GNU bug report logs - #24396
25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)