[MacPorts] #43205: curl-ca-bundle: fails to verify macports.org certificate

#43205: curl-ca-bundle: fails to verify macports.org certificate ---------------------+---------------------------- Reporter: mojca@… | Owner: ryandesign@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.2.99 Keywords: | Port: curl-ca-bundle ---------------------+---------------------------- I'm having basically the same problem as described #42718, except that I have `curl-ca-bundle` installed and no `certsync`. {{{ $ sudo port -v sync ---> Updating the ports tree Synchronizing local ports tree from file:///Users/me/macports/svn/macports/trunk/dports Updating '/Users/me/macports/svn/macports/trunk/dports': svn: E230001: Unable to connect to a repository at URL 'https://svn.macports.org/repository/macports/trunk' svn: E230001: Server SSL certificate verification failed: certificate has expired Command failed: /opt/local/bin/svn update --non-interactive /Users/me/macports/svn/macports/trunk/dports Exit code: 1 Error: Synchronization of the local ports tree failed doing an svn update ... }}} {{{ $ curl https://www.macports.org/ <?xml version="1.0" encoding="utf-8"?> ... works ... }}} {{{ $ openssl s_client -connect www.macports.org:443 -CAfile /opt/local/etc/openssl/cert.pem CONNECTED(00000003) depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA verify error:num=10:certificate has expired notAfter=Jan 28 12:00:00 2014 GMT verify return:0 --- Certificate chain 0 s:/OU=Domain Control Validated/CN=*.macports.org i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2 i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA --- ... }}} {{{ $ port provides /opt/local/etc/openssl/cert.pem /opt/local/etc/openssl/cert.pem is provided by: curl-ca-bundle }}} When using certsync instead of curl-ca-bundle it works. When replacing {{{ /opt/local/bin/svn update --non-interactive /Users/me/macports/svn/macports/trunk/dports }}} by {{{ /usr/bin/svn update --non-interactive /Users/me/macports/svn/macports/trunk/dports }}} in `macports.tcl` or when running that command manually (rather than inside `macports.tcl`) it works as well. -- Ticket URL: <https://trac.macports.org/ticket/43205> MacPorts <http://www.macports.org/> Ports system for OS X