Your message dated Fri, 18 Jul 2025 13:19:53 +0200
with message-id <[email protected]>
and subject line #995926 Error validating Let's Encrypt cert chains
has caused the Debian Bug report #995926,
regarding Error validating Let's Encrypt cert chains
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
995926: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995926
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: gnutls28
Version: 3.7.2-2
Apps using gnutls fail to connect to servers using a Let's Encrypt
certificate which are cross-signed by the now expired DST Root CA X3,
see [0].
Examples:
$ lftp https://shop.bbc.com
cd: Fatal error: Certificate verification: Not trusted
(93:3C:6D:DE:E9:5C:9C:41:A4:0F:9F:50:49:3D:82:BE:03:AD:87:BF)
$ audacious https://stream.tonkuhle.de/tonkuhle.mp3
ERROR neon.cc:542 [open_request]: <0x7f68d4025660> Could not open URL: 1 (0)
ERROR neon.cc:545 [open_request]: <0x7f68d4025660> neon error string:
Server certificate verification failed: bad certificate chain
ERROR neon.cc:756 [fopen]: <0x7f68d4025660> Could not open URL
ERROR util.cc:269 [audgui_simple_message]: Error playing
https://stream.tonkuhle.de/tonkuhle.mp3:
Server certificate verification failed: bad certificate chain
[0] https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
--- End Message ---
--- Begin Message ---
fixed 995926 4.9.3-1
thx
the bug was fixed upstream and it is included in 4.9.3-1.
--
Noël Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
signature.asc
Description: This is a digitally signed message part
--- End Message ---
