Hi Asif, The repo server has a certificate from Lets Encrypt. I would check with the list of CAs installed in your distro to confirm that Lets Encrypt is supported, and Google around for packages to update from.
On Wed, Oct 25, 2017 at 7:06 PM, Haswarey, Asif via iovisor-dev < iovisor-dev@lists.iovisor.org> wrote: > Hi! > > > > I am trying to do an apt-file update, but I get the following > > error: > > > > ======================== ERROR MESSAGE BEGIN > > curl: (60) server certificate verification failed. CAfile: > /etc/ssl/certs/ca-certificates.crt CRLfile: none > > More details here: http://curl.haxx.se/docs/sslcerts.html > > > > curl performs SSL certificate verification by default, using a "bundle" > > of Certificate Authority (CA) public keys (CA certs). If the default > > bundle file isn't adequate, you can specify an alternate file > > using the --cacert option. > > If this HTTPS server uses a certificate signed by a CA represented in > > the bundle, the certificate verification probably failed due to a > > problem with the certificate (it might be expired, or the name might > > not match the domain name in the URL). > > If you'd like to turn off curl's verification of the certificate, use > > the -k (or --insecure) option. > > Download of https://repo.iovisor.org/apt/xenial/dists/xenial-nightly/ > Contents-amd64.gz failed > > ======================== ERROR MESSAGE END > > > > Is there a way for me to get iovisor.org’s certificate to make this work? > > I **do not** want to use the –k insecure option in /etc/apt/apt-file.conf: > > > > https = diffindex-download –k -i "<uri>/dists/<dist>/Contents-<arch>.gz" > <cache>/<dest> > > > > Thanks for your time! > > _ > > Asif > > _______________________________________________ > iovisor-dev mailing list > iovisor-dev@lists.iovisor.org > https://lists.iovisor.org/mailman/listinfo/iovisor-dev > >
_______________________________________________ iovisor-dev mailing list iovisor-dev@lists.iovisor.org https://lists.iovisor.org/mailman/listinfo/iovisor-dev
