From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: 25.1; TLS cert lossage
Resent-From: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Fri, 30 Sep 2016 21:51:02 +0000
Resent-Message-ID: <handler.24575.B.147527223731397@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: 24575@debbugs.gnu.org
X-Debbugs-Original-To: bug-gnu-emacs@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.147527223731397
          (code B ref -1); Fri, 30 Sep 2016 21:51:02 +0000
Received: (at submit) by debbugs.gnu.org; 30 Sep 2016 21:50:37 +0000
Received: from localhost ([127.0.0.1]:40047 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bq5hO-0008AF-QF
	for submit@debbugs.gnu.org; Fri, 30 Sep 2016 17:50:36 -0400
Received: from eggs.gnu.org ([208.118.235.92]:34062)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5hM-00089y-3l
 for submit@debbugs.gnu.org; Fri, 30 Sep 2016 17:50:29 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5hD-0005LX-Dd
 for submit@debbugs.gnu.org; Fri, 30 Sep 2016 17:50:22 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:33242)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5hD-0005LR-9f
 for submit@debbugs.gnu.org; Fri, 30 Sep 2016 17:50:19 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53233)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5h9-0006yc-Ka
 for bug-gnu-emacs@gnu.org; Fri, 30 Sep 2016 17:50:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5h5-0005Hn-Dg
 for bug-gnu-emacs@gnu.org; Fri, 30 Sep 2016 17:50:15 -0400
Received: from gateway23.websitewelcome.com ([192.185.50.119]:39105)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5h5-00055j-3N
 for bug-gnu-emacs@gnu.org; Fri, 30 Sep 2016 17:50:11 -0400
Received: from cm1.websitewelcome.com (cm.websitewelcome.com [192.185.0.102])
 by gateway23.websitewelcome.com (Postfix) with ESMTP id BF7C1B16670D4
 for <bug-gnu-emacs@gnu.org>; Fri, 30 Sep 2016 16:49:57 -0500 (CDT)
Received: from leaf.websitewelcome.com ([192.185.82.99])
 by cm1.websitewelcome.com with 
 id pxpv1t00h28afQo01xpwua; Fri, 30 Sep 2016 16:49:57 -0500
Received: from jovinet by leaf.websitewelcome.com with local (Exim 4.86_1)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bq5gp-000WOI-OI
 for bug-gnu-emacs@gnu.org; Fri, 30 Sep 2016 16:49:55 -0500
Received: from 74.96.160.131 ([74.96.160.131])
 (SquirrelMail authenticated user devon2011@jovi.net)
 by leaf.websitewelcome.com with HTTP; Fri, 30 Sep 2016 16:49:55 -0500
Message-ID: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
Date: Fri, 30 Sep 2016 16:49:55 -0500
From: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
X-AntiAbuse: This header was added to track abuse,
 please include it with any abuse report
X-AntiAbuse: Primary Hostname - leaf.websitewelcome.com
X-AntiAbuse: Original Domain - gnu.org
X-AntiAbuse: Originator/Caller UID/GID - [1956 32003] / [47 12]
X-AntiAbuse: Sender Address Domain - jovi.net
X-BWhitelist: no
X-Source-IP: 
X-Exim-ID: 1bq5gp-000WOI-OI
X-Source: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
X-Source-Args: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
 /usr/local/cpanel/base/3rdparty/squirrelmail/src/compose.php 
X-Source-Dir: :/base/3rdparty/squirrelmail/src
X-Source-Sender: 
X-Source-Auth: jovinet
X-Email-Count: 1
X-Source-Cap: am92aW5ldDtkZXZvbjtsZWFmLndlYnNpdGV3ZWxjb21lLmNvbQ==
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.4 (----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.4 (----)

url-retrieve-synchronously distrusts this perfectly good cert
which is trusted by Emacs 24.3, Emacs 24.5 and FireFox 49.0.1:

$ Open -a /Applications/Emacs.app -n --args -Q --eval '(progn (setq
debug-on-error t) (trace-function (function nsm-query-user))
(url-retrieve-synchronously "https://HostGator.com"))'

*trace-output*
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
1 -> (nsm-query-user "The TLS connection to %s:%s is insecure for the
following reason%s:

%s" ("hostgator.com" 443 "s" "the certificate was signed by an unknown an=
d
therefore untrusted authority
certificate could not be verified") #("Certificate information
Issued by:          COMODO RSA Domain Validation Secure Server CA
Issued to:          Domain Control Validated
Hostname:           *.hostgator.com
Public key:         RSA, signature: RSA-SHA256
Protocol:           TLS1.2, key: ECDHE-RSA, cipher: AES-128-CBC, mac: SHA=
256
Security level:     Medium
Valid:              From 2015-10-16 to 2018-10-15

" 315 321 (face bold)))
1 <- nsm-query-user: no

*Backtrace*
Debugger entered--Lisp error: (error "Could not create connection to
hostgator.com:443")
  signal(error ("Could not create connection to hostgator.com:443"))
  error("Could not create connection to %s:%d" "hostgator.com" 443)
  url-http([cl-struct-url "https" nil nil "hostgator.com" nil "" nil nil =
t
nil t] #[128 "\302\303\304p#\210\300\305\240\210\301p\240\207" [(nil)
(nil) url-debug retrieval "Synchronous fetching done (%S)" t] 5 "\n\n(fn
&rest IGNORED)"] (nil) nil tls)
  url-https([cl-struct-url "https" nil nil "hostgator.com" nil "" nil nil
t nil t] #[128 "\302\303\304p#\210\300\305\240\210\301p\240\207" [(nil)
(nil) url-debug retrieval "Synchronous fetching done (%S)" t] 5 "\n\n(fn
&rest IGNORED)"] (nil))
  url-retrieve-internal("https://HostGator.com" #[128
"\302\303\304p#\210\300\305\240\210\301p\240\207" [(nil) (nil) url-debug
retrieval "Synchronous fetching done (%S)" t] 5 "\n\n(fn &rest
IGNORED)"] (nil) nil nil)
  url-retrieve("https://HostGator.com" #[128
"\302\303\304p#\210\300\305\240\210\301p\240\207" [(nil) (nil) url-debug
retrieval "Synchronous fetching done (%S)" t] 5 "\n\n(fn &rest
IGNORED)"] nil nil nil)
  url-retrieve-synchronously("https://HostGator.com")
  (progn (setq debug-on-error t) (trace-function (function
nsm-query-user)) (url-retrieve-synchronously "https://HostGator.com"))
  eval((progn (setq debug-on-error t) (trace-function (function
nsm-query-user)) (url-retrieve-synchronously "https://HostGator.com")))
  command-line-1(("--eval" "(progn (setq debug-on-error t) (trace-functio=
n
(function nsm-query-user)) (url-retrieve-synchronously
\"https://HostGator.com\"))"))
  command-line()
  normal-top-level()

$ Open https://HostGator.com	# FireFox 49.0.1 accepts the cert without
question and can export the chain to a PEM file:

$ awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/ {cert =3D cert "\n" $0}; /EN=
D
CERTIFICATE/ {system ("OpenSSL x509 -text <<.\n" cert "\n.\n"); cert =3D
""}' < '*.hostgator.com.crt'
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cb:66:63:4e:f1:c6:d1:71:40:ab:7d:99:b5:4c:16:de
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=3DGB, ST=3DGreater Manchester, L=3DSalford, O=3DCOMODO =
CA
Limited, CN=3DCOMODO RSA Domain Validation Secure Server CA
        Validity
            Not Before: Oct 16 00:00:00 2015 GMT
            Not After : Oct 15 23:59:59 2018 GMT
        Subject: OU=3DDomain Control Validated, OU=3DHosted by HostGator.=
com,
LLC., OU=3DPositiveSSL Wildcard, CN=3D*.hostgator.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:c7:a5:32:1b:d3:af:0a:81:a6:60:da:87:80:e8:
                    71:b4:2d:8f:4f:5b:5c:e3:75:b5:f5:ae:01:21:f7:
                    e5:ca:f3:8b:64:fd:d8:d7:09:ec:c0:b8:b1:3e:ed:
                    8d:13:b6:fa:69:ff:10:c0:30:e1:ea:8e:23:ba:4d:
                    a3:f9:d7:b7:ca:b9:a4:df:76:a6:37:b9:c0:ea:44:
                    4c:db:f0:60:45:ea:1c:47:b7:26:33:f7:e6:3b:70:
                    42:94:6c:d9:29:4d:9f:f5:42:46:db:96:65:40:f4:
                    24:8a:34:2d:f8:84:99:98:ac:40:d4:27:11:b7:0d:
                    11:0b:c2:ed:77:cb:e6:93:7c:99:5a:6a:f6:eb:f1:
                    02:f8:26:d9:9a:15:b7:8e:2d:a0:dc:d8:f4:5c:ce:
                    ef:20:a2:49:0f:b6:69:ab:e7:dc:21:5d:46:64:2c:
                    34:1b:81:74:9c:d6:2f:d5:05:fd:77:df:d7:3f:97:
                    80:49:b7:81:52:7d:1c:be:9b:ce:3d:3e:2d:96:5b:
                    1f:04:2c:62:ff:c4:1c:f8:e3:ab:4d:40:49:81:32:
                    e1:81:df:7c:1c:39:15:55:cf:47:19:35:a0:4d:cd:
                    7e:ef:b0:be:31:74:15:52:8d:d7:d2:7e:e6:9e:87:
                    9a:87:8c:62:b6:0d:8a:f8:cb:60:08:f7:d9:e8:22:
                    5e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:=
28:DA:E7

            X509v3 Subject Key Identifier:
                CE:54:03:B4:98:00:7C:DE:70:72:6C:9C:D4:BE:39:01:FE:31:EE:=
C3
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authenticat=
ion
            X509v3 Certificate Policies:
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://secure.comodo.com/CPS
                Policy: 2.23.140.1.2.1

            X509v3 CRL Distribution Points:
                URI:http://crl.comodoca.com/COMODORSADomainValidationSecu=
reServerCA.crl

            Authority Information Access:
                CA Issuers -
URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.comodoca.com

            X509v3 Subject Alternative Name:
                DNS:*.hostgator.com, DNS:hostgator.com
    Signature Algorithm: sha256WithRSAEncryption
        2b:89:cf:de:f6:af:78:80:0c:dd:cb:d8:39:ee:bf:41:3a:5c:
        a1:64:95:5e:cd:b5:25:b6:fc:e2:07:73:ab:05:d3:26:35:70:
        12:93:2d:4e:ca:61:35:4e:6c:12:e6:ed:f1:46:cf:ac:60:c1:
        bf:7c:dd:82:f2:54:e5:55:53:95:05:84:d4:36:7d:45:9d:b9:
        87:32:c9:35:79:58:cc:89:1d:54:b2:be:33:21:46:af:98:05:
        2a:8a:58:c2:64:b4:13:b8:ea:ce:b1:4b:d5:95:2b:2e:b2:ac:
        a5:fd:dc:7f:91:b6:a1:8f:d0:6f:bb:da:23:73:d7:3f:44:c9:
        c2:50:d6:4e:d0:b8:0d:91:95:9f:63:f4:46:ab:18:c8:b1:6c:
        cd:3d:35:64:24:dd:96:f4:2e:54:13:6a:33:c9:d0:ed:e3:47:
        9b:ba:56:d9:52:ef:3c:42:40:26:e3:c7:4f:93:04:88:f7:4c:
        12:67:1a:35:28:a5:c8:8a:63:36:7a:5b:4e:af:42:c6:e8:14:
        e9:12:4b:8c:a5:23:fb:6d:fe:03:b9:66:fc:7e:a0:5f:cd:99:
        a1:bc:b6:70:25:75:9a:15:d5:a2:c4:a5:ea:ba:2b:84:74:a7:
        ef:cd:0a:12:8a:10:0c:82:eb:ba:2c:c8:c1:08:4f:b5:1e:85:
        88:a7:ae:eb
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIRAMtmY07xxtFxQKt9mbVMFt4wDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTUxMDE2MDAwMDAwWhcNMTgxMDE1MjM1OTU5WjCBhDEhMB8GA1UECxMY
RG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMSYwJAYDVQQLEx1Ib3N0ZWQgYnkgSG9z
dEdhdG9yLmNvbSwgTExDLjEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2lsZGNhcmQx
GDAWBgNVBAMMDyouaG9zdGdhdG9yLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMelMhvTrwqBpmDah4DocbQtj09bXON1tfWuASH35crzi2T92NcJ
7MC4sT7tjRO2+mn/EMAw4eqOI7pNo/nXt8q5pN92pje5wOpETNvwYEXqHEe3JjP3
5jtwQpRs2SlNn/VCRtuWZUD0JIo0LfiEmZisQNQnEbcNEQvC7XfL5pN8mVpq9uvx
Avgm2ZoVt44toNzY9FzO7yCiSQ+2aavn3CFdRmQsNBuBdJzWL9UF/Xff1z+XgEm3
gVJ9HL6bzj0+LZZbHwQsYv/EHPjjq01ASYEy4YHffBw5FVXPRxk1oE3Nfu+wvjF0
FVKN19J+5p6HmoeMYrYNivjLYAj32egiXl8CAwEAAaOCAdswggHXMB8GA1UdIwQY
MBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1UdDgQWBBTOVAO0mAB83nBybJzU
vjkB/jHuwzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA6BgsrBgEEAbIxAQICBzAr
MCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZn
gQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5jb21vZG9jYS5jb20v
Q09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhQYI
KwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LmNvbW9kb2NhLmNv
bS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQG
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wKQYDVR0RBCIwIIIP
Ki5ob3N0Z2F0b3IuY29tgg1ob3N0Z2F0b3IuY29tMA0GCSqGSIb3DQEBCwUAA4IB
AQAric/e9q94gAzdy9g57r9BOlyhZJVezbUltvziB3OrBdMmNXASky1OymE1TmwS
5u3xRs+sYMG/fN2C8lTlVVOVBYTUNn1FnbmHMsk1eVjMiR1Usr4zIUavmAUqiljC
ZLQTuOrOsUvVlSsusqyl/dx/kbahj9Bvu9ojc9c/RMnCUNZO0LgNkZWfY/RGqxjI
sWzNPTVkJN2W9C5UE2ozydDt40ebulbZUu88QkAm48dPkwSI90wSZxo1KKXIimM2
eltOr0LG6BTpEkuMpSP7bf4DuWb8fqBfzZmhvLZwJXWaFdWixKXquiuEdKfvzQoS
ihAMguu6LMjBCE+1HoWIp67r
-----END CERTIFICATE-----
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:2e:6e:ea:d9:75:36:6c:14:8a:6e:db:a3:7c:8c:07
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=3DGB, ST=3DGreater Manchester, L=3DSalford, O=3DCOMODO =
CA
Limited, CN=3DCOMODO RSA Certification Authority
        Validity
            Not Before: Feb 12 00:00:00 2014 GMT
            Not After : Feb 11 23:59:59 2029 GMT
        Subject: C=3DGB, ST=3DGreater Manchester, L=3DSalford, O=3DCOMODO=
 CA
Limited, CN=3DCOMODO RSA Domain Validation Secure Server CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:8e:c2:02:19:e1:a0:59:a4:eb:38:35:8d:2c:fd:
                    01:d0:d3:49:c0:64:c7:0b:62:05:45:16:3a:a8:a0:
                    c0:0c:02:7f:1d:cc:db:c4:a1:6d:77:03:a3:0f:86:
                    f9:e3:06:9c:3e:0b:81:8a:9b:49:1b:ad:03:be:fa:
                    4b:db:8c:20:ed:d5:ce:5e:65:8e:3e:0d:af:4c:c2:
                    b0:b7:45:5e:52:2f:34:de:48:24:64:b4:41:ae:00:
                    97:f7:be:67:de:9e:d0:7a:a7:53:80:3b:7c:ad:f5:
                    96:55:6f:97:47:0a:7c:85:8b:22:97:8d:b3:84:e0:
                    96:57:d0:70:18:60:96:8f:ee:2d:07:93:9d:a1:ba:
                    ca:d1:cd:7b:e9:c4:2a:9a:28:21:91:4d:6f:92:4f:
                    25:a5:f2:7a:35:dd:26:dc:46:a5:d0:ac:59:35:8c:
                    ff:4e:91:43:50:3f:59:93:1e:6c:51:21:ee:58:14:
                    ab:fe:75:50:78:3e:4c:b0:1c:86:13:fa:6b:98:bc:
                    e0:3b:94:1e:85:52:dc:03:93:24:18:6e:cb:27:51:
                    45:e6:70:de:25:43:a4:0d:e1:4a:a5:ed:b6:7e:c8:
                    cd:6d:ee:2e:1d:27:73:5d:dc:45:30:80:aa:e3:b2:
                    41:0b:af:bd:44:87:da:b9:e5:1b:9d:7f:ae:e5:85:
                    82:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:=
32:32:D4

            X509v3 Subject Key Identifier:
                90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:=
E7
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authenticat=
ion
            X509v3 Certificate Policies:
                Policy: X509v3 Any Policy
                Policy: 2.23.140.1.2.1

            X509v3 CRL Distribution Points:
                URI:http://crl.comodoca.com/COMODORSACertificationAuthori=
ty.crl

            Authority Information Access:
                CA Issuers -
URI:http://crt.comodoca.com/COMODORSAAddTrustCA.crt
                OCSP - URI:http://ocsp.comodoca.com

    Signature Algorithm: sha384WithRSAEncryption
        4e:2b:76:4f:92:1c:62:36:89:ba:77:c1:27:05:f4:1c:d6:44:
        9d:a9:9a:3e:aa:d5:66:66:01:3e:ea:49:e6:a2:35:bc:fa:f6:
        dd:95:8e:99:35:98:0e:36:18:75:b1:dd:dd:50:72:7c:ae:dc:
        77:88:ce:0f:f7:90:20:ca:a3:67:2e:1f:56:7f:7b:e1:44:ea:
        42:95:c4:5d:0d:01:50:46:15:f2:81:89:59:6c:8a:dd:8c:f1:
        12:a1:8d:3a:42:8a:98:f8:4b:34:7b:27:3b:08:b4:6f:24:3b:
        72:9d:63:74:58:3c:1a:6c:3f:4f:c7:11:9a:c8:a8:f5:b5:37:
        ef:10:45:c6:6c:d9:e0:5e:95:26:b3:eb:ad:a3:b9:ee:7f:0c:
        9a:66:35:73:32:60:4e:e5:dd:8a:61:2c:6e:52:11:77:68:96:
        d3:18:75:51:15:00:1b:74:88:dd:e1:c7:38:04:43:28:e9:16:
        fd:d9:05:d4:5d:47:27:60:d6:fb:38:3b:6c:72:a2:94:f8:42:
        1a:df:ed:6f:06:8c:45:c2:06:00:aa:e4:e8:dc:d9:b5:e1:73:
        78:ec:f6:23:dc:d1:dd:6c:8e:1a:8f:a5:ea:54:7c:96:b7:c3:
        fe:55:8e:8d:49:5e:fc:64:bb:cf:3e:bd:96:eb:69:cd:bf:e0:
        48:f1:62:82:10:e5:0c:46:57:f2:33:da:d0:c8:63:ed:c6:1f:
        94:05:96:4a:1a:91:d1:f7:eb:cf:8f:52:ae:0d:08:d9:3e:a8:
        a0:51:e9:c1:87:74:d5:c9:f7:74:ab:2e:53:fb:bb:7a:fb:97:
        e2:f8:1f:26:8f:b3:d2:a0:e0:37:5b:28:3b:31:e5:0e:57:2d:
        5a:b8:ad:79:ac:5e:20:66:1a:a5:b9:a6:b5:39:c1:f5:98:43:
        ff:ee:f9:a7:a7:fd:ee:ca:24:3d:80:16:c4:17:8f:8a:c1:60:
        a1:0c:ae:5b:43:47:91:4b:d5:9a:17:5f:f9:d4:87:c1:c2:8c:
        b7:e7:e2:0f:30:19:37:86:ac:e0:dc:42:03:e6:94:a8:9d:ae:
        fd:0f:24:51:94:ce:92:08:d1:fc:50:f0:03:40:7b:88:59:ed:
        0e:dd:ac:d2:77:82:34:dc:06:95:02:d8:90:f9:2d:ea:37:d5:
        1a:60:d0:67:20:d7:d8:42:0b:45:af:82:68:de:dd:66:24:37:
        90:29:94:19:46:19:25:b8:80:d7:cb:d4:86:28:6a:44:70:26:
        23:62:a9:9f:86:6f:bf:ba:90:70:d2:56:77:85:78:ef:ea:25:
        a9:17:ce:50:72:8c:00:3a:aa:e3:db:63:34:9f:f8:06:71:01:
        e2:82:20:d4:fe:6f:bd:b1
-----BEGIN CERTIFICATE-----
MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
+AZxAeKCINT+b72x
-----END CERTIFICATE-----
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=3DGB, ST=3DGreater Manchester, L=3DSalford, O=3DCOMODO =
CA
Limited, CN=3DCOMODO RSA Certification Authority
        Validity
            Not Before: Jan 19 00:00:00 2010 GMT
            Not After : Jan 18 23:59:59 2038 GMT
        Subject: C=3DGB, ST=3DGreater Manchester, L=3DSalford, O=3DCOMODO=
 CA
Limited, CN=3DCOMODO RSA Certification Authority
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (4096 bit)
                Modulus (4096 bit):
                    00:91:e8:54:92:d2:0a:56:b1:ac:0d:24:dd:c5:cf:
                    44:67:74:99:2b:37:a3:7d:23:70:00:71:bc:53:df:
                    c4:fa:2a:12:8f:4b:7f:10:56:bd:9f:70:72:b7:61:
                    7f:c9:4b:0f:17:a7:3d:e3:b0:04:61:ee:ff:11:97:
                    c7:f4:86:3e:0a:fa:3e:5c:f9:93:e6:34:7a:d9:14:
                    6b:e7:9c:b3:85:a0:82:7a:76:af:71:90:d7:ec:fd:
                    0d:fa:9c:6c:fa:df:b0:82:f4:14:7e:f9:be:c4:a6:
                    2f:4f:7f:99:7f:b5:fc:67:43:72:bd:0c:00:d6:89:
                    eb:6b:2c:d3:ed:8f:98:1c:14:ab:7e:e5:e3:6e:fc:
                    d8:a8:e4:92:24:da:43:6b:62:b8:55:fd:ea:c1:bc:
                    6c:b6:8b:f3:0e:8d:9a:e4:9b:6c:69:99:f8:78:48:
                    30:45:d5:ad:e1:0d:3c:45:60:fc:32:96:51:27:bc:
                    67:c3:ca:2e:b6:6b:ea:46:c7:c7:20:a0:b1:1f:65:
                    de:48:08:ba:a4:4e:a9:f2:83:46:37:84:eb:e8:cc:
                    81:48:43:67:4e:72:2a:9b:5c:bd:4c:1b:28:8a:5c:
                    22:7b:b4:ab:98:d9:ee:e0:51:83:c3:09:46:4e:6d:
                    3e:99:fa:95:17:da:7c:33:57:41:3c:8d:51:ed:0b:
                    b6:5c:af:2c:63:1a:df:57:c8:3f:bc:e9:5d:c4:9b:
                    af:45:99:e2:a3:5a:24:b4:ba:a9:56:3d:cf:6f:aa:
                    ff:49:58:be:f0:a8:ff:f4:b8:ad:e9:37:fb:ba:b8:
                    f4:0b:3a:f9:e8:43:42:1e:89:d8:84:cb:13:f1:d9:
                    bb:e1:89:60:b8:8c:28:56:ac:14:1d:9c:0a:e7:71:
                    eb:cf:0e:dd:3d:a9:96:a1:48:bd:3c:f7:af:b5:0d:
                    22:4c:c0:11:81:ec:56:3b:f6:d3:a2:e2:5b:b7:b2:
                    04:22:52:95:80:93:69:e8:8e:4c:65:f1:91:03:2d:
                    70:74:02:ea:8b:67:15:29:69:52:02:bb:d7:df:50:
                    6a:55:46:bf:a0:a3:28:61:7f:70:d0:c3:a2:aa:2c:
                    21:aa:47:ce:28:9c:06:45:76:bf:82:18:27:b4:d5:
                    ae:b4:cb:50:e6:6b:f4:4c:86:71:30:e9:a6:df:16:
                    86:e0:d8:ff:40:dd:fb:d0:42:88:7f:a3:33:3a:2e:
                    5c:1e:41:11:81:63:ce:18:71:6b:2b:ec:a6:8a:b7:
                    31:5c:3a:6a:47:e0:c3:79:59:d6:20:1a:af:f2:6a:
                    98:aa:72:bc:57:4a:d2:4b:9d:bb:10:fc:b0:4c:41:
                    e5:ed:1d:3d:5e:28:9d:9c:cc:bf:b3:51:da:a7:47:
                    e5:84:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:=
D4
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha384WithRSAEncryption
        0a:f1:d5:46:84:b7:ae:51:bb:6c:b2:4d:41:14:00:93:4c:9c:
        cb:e5:c0:54:cf:a0:25:8e:02:f9:fd:b0:a2:0d:f5:20:98:3c:
        13:2d:ac:56:a2:b0:d6:7e:11:92:e9:2e:ba:9e:2e:9a:72:b1:
        bd:19:44:6c:61:35:a2:9a:b4:16:12:69:5a:8c:e1:d7:3e:a4:
        1a:e8:2f:03:f4:ae:61:1d:10:1b:2a:a4:8b:7a:c5:fe:05:a6:
        e1:c0:d6:c8:fe:9e:ae:8f:2b:ba:3d:99:f8:d8:73:09:58:46:
        6e:a6:9c:f4:d7:27:d3:95:da:37:83:72:1c:d3:73:e0:a2:47:
        99:03:38:5d:d5:49:79:00:29:1c:c7:ec:9b:20:1c:07:24:69:
        57:78:b2:39:fc:3a:84:a0:b5:9c:7c:8d:bf:2e:93:62:27:b7:
        39:da:17:18:ae:bd:3c:09:68:ff:84:9b:3c:d5:d6:0b:03:e3:
        57:9e:14:f7:d1:eb:4f:c8:bd:87:23:b7:b6:49:43:79:85:5c:
        ba:eb:92:0b:a1:c6:e8:68:a8:4c:16:b1:1a:99:0a:e8:53:2c:
        92:bb:a1:09:18:75:0c:65:a8:7b:cb:23:b7:1a:c2:28:85:c3:
        1b:ff:d0:2b:62:ef:a4:7b:09:91:98:67:8c:14:01:cd:68:06:
        6a:63:21:75:03:80:88:8a:6e:81:c6:85:f2:a9:a4:2d:e7:f4:
        a5:24:10:47:83:ca:cd:f4:8d:79:58:b1:06:9b:e7:1a:2a:d9:
        9d:01:d7:94:7d:ed:03:4a:ca:f0:db:e8:a9:01:3e:f5:56:99:
        c9:1e:8e:49:3d:bb:e5:09:b9:e0:4f:49:92:3d:16:82:40:cc:
        cc:59:c6:e6:3a:ed:12:2e:69:3c:6c:95:b1:fd:aa:1d:7b:7f:
        86:be:1e:0e:32:46:fb:fb:13:8f:75:7f:4c:8b:4b:46:63:fe:
        00:34:40:70:c1:c3:b9:a1:dd:a6:70:e2:04:b3:41:bc:e9:80:
        91:ea:64:9c:7a:e1:22:03:a9:9c:6e:6f:0e:65:4f:6c:87:87:
        5e:f3:6e:a0:f9:75:a5:9b:40:e8:53:b2:27:9d:4a:b9:c0:77:
        21:8d:ff:87:f2:de:bc:8c:ef:17:df:b7:49:0b:d1:f2:6e:30:
        0b:1a:0e:4e:76:ed:11:fc:f5:e9:56:b2:7d:bf:c7:6d:0a:93:
        8c:a5:d0:c0:b6:1d:be:3a:4e:94:a2:d7:6e:6c:0b:c2:8a:7c:
        fa:20:f3:c4:e4:e5:cd:0d:a8:cb:91:92:b1:7c:85:ec:b5:14:
        69:66:0e:82:e7:cd:ce:c8:2d:a6:51:7f:21:c1:35:53:85:06:
        4a:5d:9f:ad:bb:1b:5f:74
-----BEGIN CERTIFICATE-----
MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5
MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh
dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR
6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X
pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC
9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV
/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf
Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z
+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w
qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah
SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC
u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf
Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq
crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E
FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl
wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM
4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV
2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna
FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ
CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK
boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke
jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL
S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb
QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB
NVOFBkpdn627G190
-----END CERTIFICATE-----

In GNU Emacs 25.1.1 (x86_64-apple-darwin13.4.0, NS appkit-1265.21 Version
10.9.5 (Build 13F1911))
 of 2016-09-20 built on builder10-9.porkrind.org
Windowing system distributor 'Apple', version 10.3.1404
Configured using:
 'configure --with-ns '--enable-locallisppath=3D/Library/Application
 Support/Emacs/${version}/site-lisp:/Library/Application
 Support/Emacs/site-lisp' --with-modules'

Configured features:
NOTIFY ACL GNUTLS LIBXML2 ZLIB TOOLKIT_SCROLL_BARS NS MODULES

Important settings:
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Fundamental

Minor modes in effect:
  tooltip-mode: t
  global-eldoc-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  tool-bar-mode: t
  menu-bar-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  blink-cursor-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  line-number-mode: t
  transient-mark-mode: t

Recent messages:
For information about GNU Emacs and the GNU system, type C-h C-a.
Contacting host: hostgator.com:443
Type C-x 1 to delete the help window.
Entering debugger...
Mark set [4 times]
Saved text until "1 (face bold)))
1 <- nsm-query-user: no
"

Load-path shadows:
None found.

Features:
(shadow sort mail-extr emacsbug message dired format-spec rfc822 mml
mml-sec epg epg-config mm-decode mm-bodies mm-encode mailabbrev
gmm-utils mailheader sendmail mail-utils debug network-stream nsm
starttls url-http tls gnutls mail-parse rfc2231 rfc2047 rfc2045
ietf-drums url-gw url-cache url-auth url url-proxy url-privacy
url-expand url-methods url-history url-cookie url-domsuf url-util
url-parse auth-source cl-seq eieio byte-opt bytecomp byte-compile
cl-extra cconv eieio-core cl-macs gv gnus-util mm-util help-fns
help-mode easymenu cl-loaddefs pcase cl-lib mail-prsvr password-cache
url-vars mailcap trace time-date mule-util tooltip eldoc electric
uniquify ediff-hook vc-hooks lisp-float-type mwheel ns-win ucs-normalize
term/common-win tool-bar dnd fontset image regexp-opt fringe
tabulated-list newcomment elisp-mode lisp-mode prog-mode register page
menu-bar rfn-eshadow timer select scroll-bar mouse jit-lock font-lock
syntax facemenu font-core frame cl-generic cham georgian utf-8-lang
misc-lang vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms
cp51932 hebrew greek romanian slovak czech european ethiopic indian
cyrillic chinese charscript case-table epa-hook jka-cmpr-hook help
simple abbrev minibuffer cl-preloaded nadvice loaddefs button faces
cus-face macroexp files text-properties overlay sha1 md5 base64 format
env code-pages mule custom widget hashtable-print-readable backquote
kqueue cocoa ns multi-tty make-network-process emacs)

Memory information:
((conses 16 212415 6685)
 (symbols 48 21416 0)
 (miscs 40 85 166)
 (strings 32 21102 6674)
 (string-bytes 1 614300)
 (vectors 16 35417)
 (vector-slots 8 679626 6101)
 (floats 8 206 185)
 (intervals 56 352 4)
 (buffers 976 20))





From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: 25.1; TLS cert lossage
Resent-From: Eli Zaretskii <eliz@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 01 Oct 2016 07:59:01 +0000
Resent-Message-ID: <handler.24575.B24575.147530873031452@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
Cc: 24575@debbugs.gnu.org
Reply-To: Eli Zaretskii <eliz@gnu.org>
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.147530873031452
          (code B ref 24575); Sat, 01 Oct 2016 07:59:01 +0000
Received: (at 24575) by debbugs.gnu.org; 1 Oct 2016 07:58:50 +0000
Received: from localhost ([127.0.0.1]:40218 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bqFC6-0008BE-0R
	for submit@debbugs.gnu.org; Sat, 01 Oct 2016 03:58:50 -0400
Received: from eggs.gnu.org ([208.118.235.92]:36519)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1bqFC3-0008B2-Ue
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 03:58:48 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1bqFBu-000749-3l
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 03:58:42 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.0 required=5.0 tests=BAYES_20,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:60814)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1bqFBu-000742-1U; Sat, 01 Oct 2016 03:58:38 -0400
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:1471
 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1bqFBs-0001IO-Qs; Sat, 01 Oct 2016 03:58:37 -0400
Date: Sat, 01 Oct 2016 10:58:44 +0300
Message-Id: <8360pcmrez.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
In-reply-to: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 (Emacs-Hacker2016@jovi.net)
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -8.0 (--------)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -8.0 (--------)

> Date: Fri, 30 Sep 2016 16:49:55 -0500
> From: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
> 
> url-retrieve-synchronously distrusts this perfectly good cert
> which is trusted by Emacs 24.3, Emacs 24.5 and FireFox 49.0.1:
> 
> $ Open -a /Applications/Emacs.app -n --args -Q --eval '(progn (setq
> debug-on-error t) (trace-function (function nsm-query-user))
> (url-retrieve-synchronously "https://HostGator.com"))'
> 
> *trace-output*
> ======================================================================
> 1 -> (nsm-query-user "The TLS connection to %s:%s is insecure for the
> following reason%s:

It doesn't fail for me here, I get a buffer with the content of that
URL.

So it could be some issue with your TLS layer or the certificate
bundle.




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: (url-retrieve-synchronously "https://gnu.org") ; untrusted
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
In-Reply-To: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
Resent-From: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 01 Oct 2016 08:50:01 +0000
Resent-Message-ID: <handler.24575.B24575.14753117883967@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: 24575@debbugs.gnu.org
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.14753117883967
          (code B ref 24575); Sat, 01 Oct 2016 08:50:01 +0000
Received: (at 24575) by debbugs.gnu.org; 1 Oct 2016 08:49:48 +0000
Received: from localhost ([127.0.0.1]:40258 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bqFzQ-00011v-4X
	for submit@debbugs.gnu.org; Sat, 01 Oct 2016 04:49:48 -0400
Received: from gateway22.websitewelcome.com ([192.185.46.187]:41429)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bqFzO-00011n-Nr
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 04:49:47 -0400
Received: from cm6.websitewelcome.com (cm6.websitewelcome.com [108.167.139.19])
 by gateway22.websitewelcome.com (Postfix) with ESMTP id 0B5B7AFB69EA6
 for <24575@debbugs.gnu.org>; Sat,  1 Oct 2016 03:49:45 -0500 (CDT)
Received: from leaf.websitewelcome.com ([192.185.82.99])
 by cm6.websitewelcome.com with 
 id q8pj1t00228afQo018pkY7; Sat, 01 Oct 2016 03:49:45 -0500
Received: from jovinet by leaf.websitewelcome.com with local (Exim 4.86_1)
 (envelope-from <Emacs-Hacker2016@jovi.net>) id 1bqFzK-0004GK-U2
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 03:49:42 -0500
Received: from 74.96.160.131 ([74.96.160.131])
 (SquirrelMail authenticated user devon2011@jovi.net)
 by leaf.websitewelcome.com with HTTP; Sat, 1 Oct 2016 03:49:42 -0500
Message-ID: <165d5f5a96606d51cbbd4d78176feb0e.squirrel@leaf.websitewelcome.com>
Date: Sat, 1 Oct 2016 03:49:42 -0500
From: "Devon Sean McCullough" <Emacs-Hacker2016@jovi.net>
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse,
 please include it with any abuse report
X-AntiAbuse: Primary Hostname - leaf.websitewelcome.com
X-AntiAbuse: Original Domain - debbugs.gnu.org
X-AntiAbuse: Originator/Caller UID/GID - [1956 32003] / [47 12]
X-AntiAbuse: Sender Address Domain - jovi.net
X-BWhitelist: no
X-Source-IP: 
X-Exim-ID: 1bqFzK-0004GK-U2
X-Source: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
X-Source-Args: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
 /usr/local/cpanel/base/3rdparty/squirrelmail/src/compose.php 
X-Source-Dir: :/base/3rdparty/squirrelmail/src
X-Source-Sender: 
X-Source-Auth: jovinet
X-Email-Count: 1
X-Source-Cap: am92aW5ldDtkZXZvbjtsZWFmLndlYnNpdGV3ZWxjb21lLmNvbQ==
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)






From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
In-Reply-To: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
Resent-From: "Devon Sean McCullough" <Devon2016@jovi.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 01 Oct 2016 10:21:02 +0000
Resent-Message-ID: <handler.24575.B24575.147531723918822@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: 24575@debbugs.gnu.org
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.147531723918822
          (code B ref 24575); Sat, 01 Oct 2016 10:21:02 +0000
Received: (at 24575) by debbugs.gnu.org; 1 Oct 2016 10:20:39 +0000
Received: from localhost ([127.0.0.1]:40314 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bqHPK-0004tW-M5
	for submit@debbugs.gnu.org; Sat, 01 Oct 2016 06:20:38 -0400
Received: from gateway20.websitewelcome.com ([192.185.61.9]:48922)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <Devon2016@jovi.net>) id 1bqHPI-0004tM-U0
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 06:20:37 -0400
Received: from cm2.websitewelcome.com (cm2.websitewelcome.com [192.185.178.13])
 by gateway20.websitewelcome.com (Postfix) with ESMTP id 65AF07B5AA670
 for <24575@debbugs.gnu.org>; Sat,  1 Oct 2016 05:20:35 -0500 (CDT)
Received: from leaf.websitewelcome.com ([192.185.82.99])
 by cm2.websitewelcome.com with 
 id qALX1t01528afQo01ALZd7; Sat, 01 Oct 2016 05:20:35 -0500
Received: from jovinet by leaf.websitewelcome.com with local (Exim 4.86_1)
 (envelope-from <Devon2016@jovi.net>) id 1bqHPD-000Set-PE
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 05:20:31 -0500
Received: from 74.96.160.131 ([74.96.160.131])
 (SquirrelMail authenticated user devon2011@jovi.net)
 by leaf.websitewelcome.com with HTTP; Sat, 1 Oct 2016 05:20:31 -0500
Message-ID: <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
Date: Sat, 1 Oct 2016 05:20:31 -0500
From: "Devon Sean McCullough" <Devon2016@jovi.net>
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse,
 please include it with any abuse report
X-AntiAbuse: Primary Hostname - leaf.websitewelcome.com
X-AntiAbuse: Original Domain - debbugs.gnu.org
X-AntiAbuse: Originator/Caller UID/GID - [1956 32003] / [47 12]
X-AntiAbuse: Sender Address Domain - jovi.net
X-BWhitelist: no
X-Source-IP: 
X-Exim-ID: 1bqHPD-000Set-PE
X-Source: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
X-Source-Args: /usr/local/cpanel/3rdparty/php/54/bin/php-cgi
 /usr/local/cpanel/base/3rdparty/squirrelmail/src/compose.php 
X-Source-Dir: :/base/3rdparty/squirrelmail/src
X-Source-Sender: 
X-Source-Auth: jovinet
X-Email-Count: 1
X-Source-Cap: am92aW5ldDtkZXZvbjtsZWFmLndlYnNpdGV3ZWxjb21lLmNvbQ==
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

Perhaps the bug is in libgnutls which Emacs-25 has and Emacs-24 lacks?

$ lsof
COMMAND    PID  USER   FD     TYPE             DEVICE  SIZE/OFF     NODE NAME
...
Emacs-x86 2568 devon  cwd      DIR                1,4     24004  4562405
/Users/devon
Emacs-x86 2568 devon  txt      REG                1,4  17858160 70328116
/Applications/Emacs.app/Contents/MacOS/Emacs-x86_64-10_9
Emacs-x86 2568 devon  txt      REG                1,4   1070144 70328127
/Applications/Emacs.app/Contents/MacOS/lib-x86_64-10_9/libgnutls.30.dylib
...
$ system_profiler SPSoftwareDataType
Software:

    System Software Overview:

      System Version: OS X 10.11.6 (15G1004)
      Kernel Version: Darwin 15.6.0
...




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: Eli Zaretskii <eliz@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 01 Oct 2016 10:46:02 +0000
Resent-Message-ID: <handler.24575.B24575.147531870721425@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: "Devon Sean McCullough" <Devon2016@jovi.net>
Cc: 24575@debbugs.gnu.org
Reply-To: Eli Zaretskii <eliz@gnu.org>
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.147531870721425
          (code B ref 24575); Sat, 01 Oct 2016 10:46:02 +0000
Received: (at 24575) by debbugs.gnu.org; 1 Oct 2016 10:45:07 +0000
Received: from localhost ([127.0.0.1]:40324 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bqHn1-0005ZV-Fe
	for submit@debbugs.gnu.org; Sat, 01 Oct 2016 06:45:07 -0400
Received: from eggs.gnu.org ([208.118.235.92]:58811)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <eliz@gnu.org>) id 1bqHmz-0005Yg-Rl
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 06:45:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <eliz@gnu.org>) id 1bqHmr-0003yH-OI
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 06:45:00 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:33814)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <eliz@gnu.org>)
 id 1bqHmr-0003xv-L3; Sat, 01 Oct 2016 06:44:57 -0400
Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:1749
 helo=home-c4e4a596f7)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128)
 (Exim 4.82) (envelope-from <eliz@gnu.org>)
 id 1bqHmp-0001HW-NN; Sat, 01 Oct 2016 06:44:56 -0400
Date: Sat, 01 Oct 2016 13:45:02 +0300
Message-Id: <83r380l55d.fsf@gnu.org>
From: Eli Zaretskii <eliz@gnu.org>
In-reply-to: <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 (Devon2016@jovi.net)
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -8.0 (--------)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -8.0 (--------)

> Date: Sat, 1 Oct 2016 05:20:31 -0500
> From: "Devon Sean McCullough" <Devon2016@jovi.net>
> 
> Perhaps the bug is in libgnutls which Emacs-25 has and Emacs-24 lacks?

My Emacs is built with GnuTLS, and it doesn't show the problem.

GnuTLS uses the system's store of the certificates, so I think the
problem might be there.




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: npostavs@users.sourceforge.net
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Sat, 01 Oct 2016 12:07:02 +0000
Resent-Message-ID: <handler.24575.B24575.14753236172726@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: Eli Zaretskii <eliz@gnu.org>
Cc: 24575@debbugs.gnu.org, Devon Sean McCullough <Devon2016@jovi.net>
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.14753236172726
          (code B ref 24575); Sat, 01 Oct 2016 12:07:02 +0000
Received: (at 24575) by debbugs.gnu.org; 1 Oct 2016 12:06:57 +0000
Received: from localhost ([127.0.0.1]:40371 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1bqJ4C-0000hu-Vm
	for submit@debbugs.gnu.org; Sat, 01 Oct 2016 08:06:57 -0400
Received: from mail-io0-f174.google.com ([209.85.223.174]:35138)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <npostavs@gmail.com>) id 1bqJ4C-0000hj-6G
 for 24575@debbugs.gnu.org; Sat, 01 Oct 2016 08:06:56 -0400
Received: by mail-io0-f174.google.com with SMTP id i202so1020819ioi.2
 for <24575@debbugs.gnu.org>; Sat, 01 Oct 2016 05:06:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=8zuAsyJUQYhTarvGDHTVedS1JAdPK1otZRdn092zWF4=;
 b=taf5xXBPY0jAbu0jCiMC3/Jm2K/JNGt+QaZ+leo/pdeOGZwE0tmYGShpX7NR6RSFFf
 b+r+gnqRMI11k7o76FQhcIRNKLlQ1e9/hzXoTJY8nXv0wyHkMyuy94CuYE1xlUiwWx/o
 2vsdv6WN8mrpdA8hzJDVyHH4lC9dTT837iR9Y9S9GdvcWl+RcWXAqkTR1NY8WLpuMRLk
 2wi3QnJ0ukEraW+pfkyvvb5sNw9DGRUw2ygV+NWcgPrQyA3lSJwRlV+PrxZj3BrgDf2C
 HOD110ut+fD52HUHR0iYn43puJRhEgaZz6i9mCkJKgpCxlK1ruVDLlRdZnPz0XPa66rF
 +0Tg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:sender:from:to:cc:subject:references:date
 :in-reply-to:message-id:user-agent:mime-version;
 bh=8zuAsyJUQYhTarvGDHTVedS1JAdPK1otZRdn092zWF4=;
 b=MbcE0FI1hQVJRJc6rPXL7wFHwgoSvnZJhNPwijy6m/Wd+2NxX9wvANKfbcUriYIGi+
 oL4eioTT8xAAWta8LEIxoiv2EBWq2N1USxgn11x9FW7fYujm03qdj4GjjMTES87Onbpb
 x+0/oFDt5UV3LyyOlJX4GSOEb/9wwdZy3d0p8jSd7dDvQdg9nf/wuS9jCGJbCgy4V4QO
 wPB+5uVQOpeZob4WBcZe1ym5ipGd9nxok8T/99r+cMZq0hgjUDXjYhDaZblXm8UX+ySL
 q6fDUw2VUq5d/M6oxjDBT2xn7Tno6sqbCxQRNd6CzyK/2fuJRp1Qhrx+KC4Qhdput2qC
 OB2g==
X-Gm-Message-State: AA6/9RnloblFevxdbJsP9QMMTcLtn7MpznIc8BwaDMgS6TaLvYDke6PkEfARurxjdHoFKw==
X-Received: by 10.107.183.149 with SMTP id h143mr959435iof.43.1475323610489;
 Sat, 01 Oct 2016 05:06:50 -0700 (PDT)
Received: from zony ([45.2.7.130])
 by smtp.googlemail.com with ESMTPSA id e8sm3865004itc.15.2016.10.01.05.06.49
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Sat, 01 Oct 2016 05:06:49 -0700 (PDT)
From: npostavs@users.sourceforge.net
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 <83r380l55d.fsf@gnu.org>
Date: Sat, 01 Oct 2016 08:07:22 -0400
In-Reply-To: <83r380l55d.fsf@gnu.org> (Eli Zaretskii's message of "Sat, 01 Oct
 2016 13:45:02 +0300")
Message-ID: <87vaxcxog5.fsf@users.sourceforge.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.2 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.2 (/)

Eli Zaretskii <eliz@gnu.org> writes:

>> Date: Sat, 1 Oct 2016 05:20:31 -0500
>> From: "Devon Sean McCullough" <Devon2016@jovi.net>
>> 
>> Perhaps the bug is in libgnutls which Emacs-25 has and Emacs-24 lacks?
>
> My Emacs is built with GnuTLS, and it doesn't show the problem.
>
> GnuTLS uses the system's store of the certificates, so I think the
> problem might be there.

I think this is a problem on the remote end.  I see this problem, but
not every time.  Checking with gnutls-cli it seems that that when
www.hostgator.com resolves to 50.23.69.98 it serves fewer certificates,
and fails to verify.  Other machines serve more certificates and
verification succeeds.

~$ gnutls-cli www.hostgator.com
Processed 183 CA certificate(s).
Resolving 'www.hostgator.com'...
Connecting to '173.192.226.44:443'...
- Certificate type: X.509
- Got a certificate list of 3 certificates.
- Certificate[0] info:
 - subject `OU=Domain Control Validated,OU=Hosted by HostGator.com\, LLC.,OU=PositiveSSL Wildcard,CN=*.hostgator.com', issuer `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2015-10-16 00:00:00 UTC', expires `2018-10-15 23:59:59 UTC', SHA-1 fingerprint `1327565bd907609d8cc120fd0af53426347486c5'
	Public Key ID:
		75265ba9039f77c136d9519931b9c8496dd91967
	Public key's random art:
		+--[ RSA 2048]----+
		|              .=E|
		|             + %=|
		|        . o B X o|
		|         + O = + |
		|        S * . .  |
		|           o .   |
		|                 |
		|                 |
		|                 |
		+-----------------+

- Certificate[1] info:
 - subject `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA', issuer `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Certification Authority', RSA key 2048 bits, signed using RSA-SHA384, activated `2014-02-12 00:00:00 UTC', expires `2029-02-11 23:59:59 UTC', SHA-1 fingerprint `339cdd57cfd5b141169b615ff31428782d1da639'
- Certificate[2] info:
 - subject `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Certification Authority', issuer `C=SE,O=AddTrust AB,OU=AddTrust External TTP Network,CN=AddTrust External CA Root', RSA key 4096 bits, signed using RSA-SHA384, activated `2000-05-30 10:48:38 UTC', expires `2020-05-30 10:48:38 UTC', SHA-1 fingerprint `f5ad0bcc1ad56cd150725b1c866c30ad92ef21b0'
- Status: The certificate is trusted. 
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-CBC)-(SHA256)
- Session ID: 47:28:B2:1E:8E:60:4F:17:8C:03:4C:21:50:F0:27:82:54:4B:5F:60:31:B0:48:D5:84:08:BC:30:82:30:86:EB
- Ephemeral EC Diffie-Hellman parameters
 - Using curve: SECP256R1
 - Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Cipher: AES-128-CBC
- MAC: SHA256
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed

- Simple Client Mode:

- Peer has closed the GnuTLS connection
~$ gnutls-cli www.hostgator.com
Processed 183 CA certificate(s).
Resolving 'www.hostgator.com'...
Connecting to '50.23.69.98:443'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
 - subject `OU=Domain Control Validated,OU=Hosted by HostGator.com\, LLC.,OU=PositiveSSL Wildcard,CN=*.hostgator.com', issuer `C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2015-10-16 00:00:00 UTC', expires `2018-10-15 23:59:59 UTC', SHA-1 fingerprint `1327565bd907609d8cc120fd0af53426347486c5'
	Public Key ID:
		75265ba9039f77c136d9519931b9c8496dd91967
	Public key's random art:
		+--[ RSA 2048]----+
		|              .=E|
		|             + %=|
		|        . o B X o|
		|         + O = + |
		|        S * . .  |
		|           o .   |
		|                 |
		|                 |
		|                 |
		+-----------------+

- Status: The certificate is NOT trusted. The certificate issuer is unknown. 
*** PKI verification of server certificate failed...
*** Fatal error: Error in the certificate.
*** Handshake has failed
GnuTLS error: Error in the certificate.




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: Lars Ingebrigtsen <larsi@gnus.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 24 Jan 2017 23:36:02 +0000
Resent-Message-ID: <handler.24575.B24575.14853009613933@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: npostavs@users.sourceforge.net
Cc: 24575@debbugs.gnu.org, Eli Zaretskii <eliz@gnu.org>, Devon Sean McCullough <Devon2016@jovi.net>
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.14853009613933
          (code B ref 24575); Tue, 24 Jan 2017 23:36:02 +0000
Received: (at 24575) by debbugs.gnu.org; 24 Jan 2017 23:36:01 +0000
Received: from localhost ([127.0.0.1]:41101 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cWAd6-00011N-UX
	for submit@debbugs.gnu.org; Tue, 24 Jan 2017 18:36:01 -0500
Received: from hermes.netfonds.no ([80.91.224.195]:51839)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@gnus.org>) id 1cWAd5-00011G-PL
 for 24575@debbugs.gnu.org; Tue, 24 Jan 2017 18:36:00 -0500
Received: from 2.150.49.21.tmi.telenormobil.no ([2.150.49.21] helo=mouse)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@gnus.org>)
 id 1cWAd2-0003W9-Lh; Wed, 25 Jan 2017 00:35:58 +0100
From: Lars Ingebrigtsen <larsi@gnus.org>
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 <83r380l55d.fsf@gnu.org> <87vaxcxog5.fsf@users.sourceforge.net>
Date: Wed, 25 Jan 2017 00:35:50 +0100
In-Reply-To: <87vaxcxog5.fsf@users.sourceforge.net> (npostavs's message of
 "Sat, 01 Oct 2016 08:07:22 -0400")
Message-ID: <8737g8c9pl.fsf@gnus.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

npostavs@users.sourceforge.net writes:

> I think this is a problem on the remote end.  I see this problem, but
> not every time.  Checking with gnutls-cli it seems that that when
> www.hostgator.com resolves to 50.23.69.98 it serves fewer certificates,
> and fails to verify.  Other machines serve more certificates and
> verification succeeds.

So this doesn't seem to be an Emacs bug?  I'm closing this report, but
feel free to reopen if it turns out to be an Emacs bug anyway.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




From debbugs-submit-bounces@debbugs.gnu.org Tue Jan 24 18:36:11 2017
Received: (at control) by debbugs.gnu.org; 24 Jan 2017 23:36:11 +0000
Received: from localhost ([127.0.0.1]:41105 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cWAdG-000129-5s
	for submit@debbugs.gnu.org; Tue, 24 Jan 2017 18:36:11 -0500
Received: from hermes.netfonds.no ([80.91.224.195]:51847)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <larsi@gnus.org>) id 1cWAdE-000121-HI
 for control@debbugs.gnu.org; Tue, 24 Jan 2017 18:36:08 -0500
Received: from 2.150.49.21.tmi.telenormobil.no ([2.150.49.21] helo=mouse)
 by hermes.netfonds.no with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <larsi@gnus.org>) id 1cWAdC-00046l-39
 for control@debbugs.gnu.org; Wed, 25 Jan 2017 00:36:08 +0100
Date: Wed, 25 Jan 2017 00:36:00 +0100
Message-Id: <871svsc9pb.fsf@gnus.org>
To: control@debbugs.gnu.org
From: Lars Ingebrigtsen <larsi@gnus.org>
Subject: control message for bug #24575
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

close 24575 




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: Devon Sean McCullough <devon2016@jovi.net>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 25 Jan 2017 21:39:03 +0000
Resent-Message-ID: <handler.24575.B24575.148538033118545@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: 24575@debbugs.gnu.org, Eli Zaretskii <eliz@gnu.org>, npostavs@users.sourceforge.net
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.148538033118545
          (code B ref 24575); Wed, 25 Jan 2017 21:39:03 +0000
Received: (at 24575) by debbugs.gnu.org; 25 Jan 2017 21:38:51 +0000
Received: from localhost ([127.0.0.1]:43755 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cWVHF-0004ov-ML
	for submit@debbugs.gnu.org; Wed, 25 Jan 2017 16:38:51 -0500
Received: from gateway36.websitewelcome.com ([192.185.199.121]:43156)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <devon2016@jovi.net>) id 1cWVHB-0004ok-GH
 for 24575@debbugs.gnu.org; Wed, 25 Jan 2017 16:38:49 -0500
Received: from cm11.websitewelcome.com (cm11.websitewelcome.com [100.42.49.5])
 by gateway36.websitewelcome.com (Postfix) with ESMTP id 92A824122C790
 for <24575@debbugs.gnu.org>; Wed, 25 Jan 2017 15:38:44 -0600 (CST)
Received: from leaf.websitewelcome.com ([192.185.82.99]) by cmsmtp with SMTP
 id WVGxcTlEPEzGVWVGxcUOSC; Wed, 25 Jan 2017 15:38:32 -0600
Received: from dhcp-18-111-27-202.dyn.mit.edu ([18.111.27.202]:55937)
 by leaf.websitewelcome.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256)
 (Exim 4.87) (envelope-from <devon2016@jovi.net>)
 id 1cWVH9-000M4G-OX; Wed, 25 Jan 2017 15:38:43 -0600
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Devon Sean McCullough <devon2016@jovi.net>
In-Reply-To: <8737g8c9pl.fsf@gnus.org>
Date: Wed, 25 Jan 2017 16:38:43 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <CBAD5C8A-289D-4375-9B93-BA5C007F42CC@jovi.net>
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 <83r380l55d.fsf@gnu.org> <87vaxcxog5.fsf@users.sourceforge.net>
 <8737g8c9pl.fsf@gnus.org>
X-Mailer: Apple Mail (2.3124)
X-AntiAbuse: This header was added to track abuse,
 please include it with any abuse report
X-AntiAbuse: Primary Hostname - leaf.websitewelcome.com
X-AntiAbuse: Original Domain - debbugs.gnu.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - jovi.net
X-BWhitelist: no
X-Source-IP: 18.111.27.202
X-Exim-ID: 1cWVH9-000M4G-OX
X-Source: 
X-Source-Args: 
X-Source-Dir: 
X-Source-Sender: dhcp-18-111-27-202.dyn.mit.edu [18.111.27.202]:55937
X-Source-Auth: devon2011@jovi.net
X-Email-Count: 1
X-Source-Cap: am92aW5ldDtkZXZvbjtsZWFmLndlYnNpdGV3ZWxjb21lLmNvbQ==
X-CMAE-Envelope: MS4wfEq2mG9yYIKR1GYGY/5XCmMhbZOZwUa8p7sgcF1Iovfy6Fx7Dq8H8Dh/dpCjC6WB7djIS4577cX2rxbiSb/XmXT+0vHOf5pMjytLZO6fmaakz27iyXSL
 W9ndZsc2XCVIrJTEb9Hdhz/yTGLdBw05XfLCG4ENfgevh8zzlxjDzfsLtpaL66qTINPrjwF55GVlmQ==
X-Spam-Score: 0.5 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.5 (/)

> On Jan 24, 2017, at 6:35 PM, Lars Ingebrigtsen <larsi@gnus.org> wrote:
> So this doesn't seem to be an Emacs bug?  I'm closing this report, but
> feel free to reopen if it turns out to be an Emacs bug anyway.

Either an Emacs bug or a cert bug at https://gnu.org.

Open -a /Applications/Emacs.app -n --args -Q --eval '(progn (setq =
debug-on-error t) (trace-function (function nsm-query-user)) =
(url-retrieve-synchronously "https://gnu.org"))'

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
1 -> (nsm-query-user "The TLS connection to %s:%s is insecure for the =
following reason%s:

%s" ("gnu.org" 443 "s" "the certificate was signed by an unknown and =
therefore untrusted authority
certificate could not be verified") #("Certificate information
Issued by:          Let's Encrypt Authority X3
Issued to:          CN=3Dgnu.org
Hostname:           gnu.org
Public key:         RSA, signature: RSA-SHA256
Protocol:           TLS1.2, key: ECDHE-RSA, cipher: AES-128-GCM, mac: =
AEAD
Security level:     Medium
Valid:              =46rom 2016-12-16 to 2017-03-16

" 272 278 (face bold)))
1 <- nsm-query-user: session
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
1 -> (nsm-query-user "The TLS connection to %s:%s is insecure for the =
following reason%s:

%s" ("www.gnu.org" 443 "s" "the certificate was signed by an unknown and =
therefore untrusted authority
certificate could not be verified") #("Certificate information
Issued by:          Let's Encrypt Authority X3
Issued to:          CN=3Dgnu.org
Hostname:           gnu.org
Public key:         RSA, signature: RSA-SHA256
Protocol:           TLS1.2, key: ECDHE-RSA, cipher: AES-128-GCM, mac: =
AEAD
Security level:     Medium
Valid:              =46rom 2016-12-16 to 2017-03-16

" 272 278 (face bold)))
1 <- nsm-query-user: session





From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: Glenn Morris <rgm@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 25 Jan 2017 22:38:02 +0000
Resent-Message-ID: <handler.24575.B24575.14853838594928@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: Devon Sean McCullough <devon2016@jovi.net>
Cc: 24575@debbugs.gnu.org, Lars Ingebrigtsen <larsi@gnus.org>, npostavs@users.sourceforge.net
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.14853838594928
          (code B ref 24575); Wed, 25 Jan 2017 22:38:02 +0000
Received: (at 24575) by debbugs.gnu.org; 25 Jan 2017 22:37:39 +0000
Received: from localhost ([127.0.0.1]:43859 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cWWCA-0001HP-8r
	for submit@debbugs.gnu.org; Wed, 25 Jan 2017 17:37:39 -0500
Received: from eggs.gnu.org ([208.118.235.92]:52779)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rgm@gnu.org>) id 1cWWC9-0001H9-4y
 for 24575@debbugs.gnu.org; Wed, 25 Jan 2017 17:37:37 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <rgm@gnu.org>) id 1cWWC3-0006ai-HA
 for 24575@debbugs.gnu.org; Wed, 25 Jan 2017 17:37:32 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.1 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:39466)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <rgm@gnu.org>)
 id 1cWWBi-0006P2-6k; Wed, 25 Jan 2017 17:37:10 -0500
Received: from rgm by fencepost.gnu.org with local (Exim 4.82)
 (envelope-from <rgm@gnu.org>)
 id 1cWWBh-00047L-7c; Wed, 25 Jan 2017 17:37:09 -0500
From: Glenn Morris <rgm@gnu.org>
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 <83r380l55d.fsf@gnu.org> <87vaxcxog5.fsf@users.sourceforge.net>
 <8737g8c9pl.fsf@gnus.org>
 <CBAD5C8A-289D-4375-9B93-BA5C007F42CC@jovi.net>
X-Spook: Nigeria State of emergency fundamentalist bank Baranyi
X-Ran: fD@(=HV-k7Z]2bC"J:f9Tzh_j)3w9&2x;+wCOG[<^];g9d.L\'$1*X=&=4.]i95KJp:]zA
X-Hue: green
X-Attribution: GM
Date: Wed, 25 Jan 2017 17:37:08 -0500
In-Reply-To: <CBAD5C8A-289D-4375-9B93-BA5C007F42CC@jovi.net> (Devon Sean
 McCullough's message of "Wed, 25 Jan 2017 16:38:43 -0500")
Message-ID: <y2bmuuzrzf.fsf@fencepost.gnu.org>
User-Agent: Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/)
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -8.2 (--------)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -8.2 (--------)


(BTW, This seems like a duplicate of 24396?)




From unknown Sat Sep 06 10:20:43 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#24575: libgnutls MacOSX bug?
Resent-From: npostavs@users.sourceforge.net
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 25 Jan 2017 23:57:02 +0000
Resent-Message-ID: <handler.24575.B24575.148538857925275@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 24575
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: Glenn Morris <rgm@gnu.org>
Cc: 24575@debbugs.gnu.org, Lars Ingebrigtsen <larsi@gnus.org>, Devon Sean McCullough <devon2016@jovi.net>
Received: via spool by 24575-submit@debbugs.gnu.org id=B24575.148538857925275
          (code B ref 24575); Wed, 25 Jan 2017 23:57:02 +0000
Received: (at 24575) by debbugs.gnu.org; 25 Jan 2017 23:56:19 +0000
Received: from localhost ([127.0.0.1]:43937 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1cWXQJ-0006ZW-0d
	for submit@debbugs.gnu.org; Wed, 25 Jan 2017 18:56:19 -0500
Received: from mail-it0-f68.google.com ([209.85.214.68]:34566)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <npostavs@gmail.com>)
 id 1cWXQG-0006ZB-EH; Wed, 25 Jan 2017 18:56:16 -0500
Received: by mail-it0-f68.google.com with SMTP id o185so3698711itb.1;
 Wed, 25 Jan 2017 15:56:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=sender:from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=kAUQjZntuLi2d4rWkC0AYibyGPEufel/xFbMxh5IbBs=;
 b=B5oHHzJRVe89Oysyyyoo7rpj3sR3H39RB/jJZZXcCYXXBPHmssKJb+l8Xub5veWHHr
 pyc622QS3GRsn8hXohpxmYz2WJDENhsz47Vx1KL/2UnC5+HyRuuWvojE7D8Xp14qn/hw
 Q8STe7rVZDMMHjysOm40JcEgencORNqPPg0EseoROiLOyb1xEiBdCIBKJMF3cGqRJfsf
 GZJJUc5Aw9aZQ0PB/80joKbjYie6ZHa8/pCNQGhNWzqAl0kyjyGVe3WO6lQVUh/r+D/7
 zQ2wbALcPcglrdZ4W7fasEnESTdJM1vGH9hFr5y32pPZvTnLlqDNyKHnjL7YBPu0Tl37
 sgKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:from:to:cc:subject:references:date
 :in-reply-to:message-id:user-agent:mime-version;
 bh=kAUQjZntuLi2d4rWkC0AYibyGPEufel/xFbMxh5IbBs=;
 b=E+1xflKpzD3mB5IvCCP8cWXKuL/zYYeB5q9CEoR2u2Ib635INni6Ur+lWg06bWm/sh
 3KMUWb6yN70nOVpbdxiCpLvya92REK1N4CW75feTBaviCGVG2+ildAEmDTtfXvp8hSuI
 zUEIYYx7m6lf5olZ6hbl6xqZDA9OzzKYIrQjC9d8yhakxd97GZFppKOCCWiL8/c1DwI4
 rPKGIxb72BJDTPsc2Veuhmxl9ZdOtMCkR9jN5qCHWiWf6RwyUdaSnXCXN8wR5y+QPW+J
 d62E3cZ/nwkzujJTZ+vG2IjVvOw94M2+w4ytqVtDlwuDWKSf+83SAyPaeaJ7GV7FvC6L
 x/pw==
X-Gm-Message-State: AIkVDXKpm1Ti9v6+qI0uek8D0Kldfi91yF95eZlzMb4vXZvrh/D0sYKwov/QkldWo+yfYA==
X-Received: by 10.36.22.12 with SMTP id a12mr25662807ita.51.1485388570697;
 Wed, 25 Jan 2017 15:56:10 -0800 (PST)
Received: from zony ([45.2.7.65])
 by smtp.googlemail.com with ESMTPSA id f188sm3187541itf.9.2017.01.25.15.56.09
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Wed, 25 Jan 2017 15:56:09 -0800 (PST)
From: npostavs@users.sourceforge.net
References: <bf2f339ed2b6a6a42167a6be5cc8aaa3.squirrel@leaf.websitewelcome.com>
 <a528d8b7393b9bf818e038f5fda5a124.squirrel@leaf.websitewelcome.com>
 <83r380l55d.fsf@gnu.org> <87vaxcxog5.fsf@users.sourceforge.net>
 <8737g8c9pl.fsf@gnus.org> <CBAD5C8A-289D-4375-9B93-BA5C007F42CC@jovi.net>
 <y2bmuuzrzf.fsf@fencepost.gnu.org>
Date: Wed, 25 Jan 2017 18:57:17 -0500
In-Reply-To: <y2bmuuzrzf.fsf@fencepost.gnu.org> (Glenn Morris's message of
 "Wed, 25 Jan 2017 17:37:08 -0500")
Message-ID: <87fuk6u202.fsf@users.sourceforge.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.0 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

tags 24575 notabug
quit

Glenn Morris <rgm@gnu.org> writes:

> (BTW, This seems like a duplicate of 24396?)

The case in https://debbugs.gnu.org/cgi/bugreport.cgi?bug=24575#28
definitely looks like Bug#24396, and I can't reproduce it here on my
Arch GNU/Linux box.

For the case in the OP, I reported in
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=24575#20 being able to
reproduce the error sometimes, depending on which remote host answered.
Since it also happens with gnutls-cli, I don't believe it's an Emacs
bug.  And it no longer happens for me at all, so I think it was fixed on
the remote end.