[MacPorts] #68932: GitLab SSL certificate changed so we can no longer mirror its files
MacPorts
noreply at macports.org
Thu Dec 21 02:30:55 UTC 2023
#68932: GitLab SSL certificate changed so we can no longer mirror its files
-----------------------------+---------------------
Reporter: NucleaPeon | Owner: admin@…
Type: defect | Status: closed
Priority: Normal | Milestone:
Component: server/hosting | Version: 2.8.1
Resolution: fixed | Keywords:
Port: |
-----------------------------+---------------------
Changes (by ryandesign):
* status: assigned => closed
* resolution: => fixed
Comment:
Replying to [comment:3 ryandesign]:
> I plan to fix the problem with a smaller change: changing the MacPorts
installation that the mirroring process uses so that it uses MacPorts curl
instead of macOS curl, since MacPorts curl uses a newer SSL library that
is able to connect to all servers.
Instead, I installed the [https://crt.sh/?id=1199354 USERTrust RSA
Certification Authority certificate] into the Keychain on the build
machine and on the OS X 10.11 El Capitan and older build workers. (Install
it into the System keychain, not the login keychain. If prompted, choose
Always Trust. If not prompted, find the certificate in the list, double-
click it to open it, click the triangle to the left of Trust, and in the
When using this certificate menu, choose Always Trust.) (This is similar
to [wiki:ProblemHotlist#letsencrypt what we suggest for Let's Encrypt].)
This worked for me on OS X 10.9, 10.10, and 10.11. It did not work on 10.8
and earlier but now that the build machine can mirror these files again
that should suffice for users on 10.8 and earlier.
--
Ticket URL: <https://trac.macports.org/ticket/68932#comment:12>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list