Package: libgnutls26 Severity: important Version: 2.4.2-6+lenny1 Tags: lenny
When using apt-transport-https to fetch packages from a https web server configured with required client authentication (apt options Acquire:: {CaInfo,SslCert,SslKey}), an apt-operation will fail with misleading message: ---- * ---- # apt-get update [...] Err https://debian.<privateurl> lenny/main Packages Sub-process bzip2 returned an error code (2) Fetched 140B in 0s (248B/s) W: GPG error: https://debian.<privateurl> lenny Release: The following signatures were invalid: NODATA 1 NODATA 2 W: Failed to fetch https://debian.<privateurl>/debian/dists/lenny/main/binary- i386/Packages.bz2 Sub-process bzip2 returned an error code (2) E: Some index files failed to download, they have been ignored, or old ones used instead. ---- * ---- Upgrading to libgnutls26 to sid's 2.6.5-1 fixes the problem. If I disable client authentication on the web server, leaving just https server authentication (via the cacert), it works even with lenny's version. This bug should be probably mentioned on apt-transport-https bug entries too since the error reported is misleading and since testing curl via command line with --cacert, --cert and --key just works (with the same .pem files specified in apt.conf*.) -- ESC:wq -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org