[MacPorts] #56704: archivefetch failed verification with key /opt/local/share/macports/macports-pubkey.pem
MacPorts
noreply at macports.org
Thu Jun 21 00:08:51 UTC 2018
#56704: archivefetch failed verification with key /opt/local/share/macports
/macports-pubkey.pem
------------------------+--------------------
Reporter: psiqueira | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version: 2.5.2
Resolution: | Keywords:
Port: |
------------------------+--------------------
Comment (by psiqueira):
Replying to [comment:1 jmroot]:
> Downloading the archive and signature from the same server you're
getting them from and verifying manually with openssl works fine here:
> {{{
> % openssl dgst -ripemd160 -verify /opt/local/share/macports/macports-
pubkey.pem -signature libiconv-1.15_0.darwin_17.x86_64.tbz2.rmd160
libiconv-1.15_0.darwin_17.x86_64.tbz2
> Verified OK
> }}}
> The archive, the signature or both must be getting corrupted in transit
somehow. See wiki:MisbehavingServers for some ways that might be
happening. Good luck, network issues like this can be tricky.
Hmmm, are you saying that I can run the openssl command on my local
computer and that it should be able to verify ok? I tried this and it
doesn't work, but I get the impression that I don't fully understand. I
think that you are just showing that there is nothing wrong with the
signature generated for the port, which makes sense. In short, something
more serious is going on, but I am at a loss to understand what it is.
BTW, I did try using two different networks, and continue to have the same
problem.
A question: where does the macports-pubkey.pem get generated? Is it
possible that there is something in my configuration that is messing that
up?
--
Ticket URL: <https://trac.macports.org/ticket/56704#comment:3>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list