GNU bug report logs - #24396
25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)

Previous Next

Package: emacs;

Reported by: Zack Weinberg <zackw <at> panix.com>

Date: Thu, 8 Sep 2016 17:37:02 UTC

Severity: normal

Tags: security

Merged with 28603

Found in versions 25.1, 25.3

Done: Ted Zlatanov <tzz <at> lifelogs.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Glenn Morris <rgm <at> gnu.org>
To: Zack Weinberg <zackw <at> panix.com>
Cc: 24396 <at> debbugs.gnu.org
Subject: bug#24396: 25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)
Date: Fri, 09 Sep 2016 13:04:16 -0400

Zack Weinberg wrote:

> Emacs 25.1-rc2 (prebuilt for OSX, from
> https://emacsformacosx.com/emacs-builds/Emacs-pretest-25.1-rc2-universal.dmg)
> does not accept TLS certificates issued by Let's Encrypt
> (https://letsencrypt.org/).

It works fine for me on RHEL7.

I believe the trusted certs are specified by the gnutls-trustfiles
variable. Perhaps you need to explicitly add wherever they live on your
system, and/or perhaps the default needs to be improved for Mac OS X.

> (Incidentally, the *Network Security Manager* buffer is deleted after
> you answer the question, and C-x o or clicking in that buffer counts
> as answering "no". 

This sounds like a separate issue that should be fixed.

This bug report was last modified 7 years and 161 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #24396 25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)

GNU bug report logs - #24396
25.1; Doesn't trust Let's Encrypt certificates (used by MELPA)