#47576: curl-ca-bundle @7.42.0_0 unable to get local issuer certificate --------------------------+-------------------------------- Reporter: and.damore@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.3 Keywords: | Port: curl-ca-bundle --------------------------+-------------------------------- Mozilla [https://bugzilla.mozilla.org/show_bug.cgi?id=986014 dropped some 1024 bits keys], as result curl-ca-bundle cannot be used anymore to establish connection to servers using those keys in their chain. For instance *thawte Primary Root CA* broke {{{ depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA verify error:num=20:unable to get local issuer certificate }}} This is planned on upstream side and not an actual error. A solution for an OS X user is to switch to **certsync** port in place of **curl-ca-bundle**. This ticket is here as reference for users searching for the error they see while using curl or openssl's s_client. -- Ticket URL: <https://trac.macports.org/ticket/47576> MacPorts <https://www.macports.org/> Ports system for OS X