date:20200530

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Gábor Csárdi

The expired cert was in my initial email. This is a CA cert. If you go
to https://www.ssllabs.com/ssltest/analyze.html?d=svn.r-project.org
and wait for the analysis, and then expand the certification paths,
then you'll see three possible paths. (For most simulated clients.)
Two are trusted, one is not. The browsers can use a trusted one, e.g.
my Chrome uses the first, you can see this if you click on the lock
before the URL, and then on "Certificate". You'll see a chain of three
certs, just like on the ssllabs page.

Apparently, R / libcurl / openssl cannot use them, I am not entirely sure why.

Gabor

On Sat, May 30, 2020 at 10:40 PM Duncan Murdoch
 wrote:
>
> On 30/05/2020 5:23 p.m., Bob Rudis wrote:
> > I've updated the dashboard (https://rud.is/r-project-cert-status/)
> > script and my notifier script to account for the entire chain in each
> > cert.
>
> You never posted which certificate has expired.  Your dashboard shows
> they're all valid, but the download still fails, presumably because
> something not shown has expired.
>
> Hopefully someone who can actually act on this can figure out what needs
> doing.
>
> Duncan Murdoch
>
> >
> > On Sat, May 30, 2020 at 5:16 PM Bob Rudis  wrote:
> >>
> >> # A tibble: 13 x 1
> >> site
> >> 
> >>   1 beta.r-project.org
> >>   2 bugs.r-project.org
> >>   3 cran-archive.r-project.org
> >>   4 cran.r-project.org
> >>   5 developer.r-project.org
> >>   6 ess.r-project.org
> >>   7 ftp.cran.r-project.org
> >>   8 journal.r-project.org
> >>   9 r-project.org
> >> 10 svn.r-project.org
> >> 11 user2011.r-project.org
> >> 12 www.cran.r-project.org
> >> 13 www.r-project.org
> >>
> >> is the whole list b/c of the wildcard cert.
> >>
> >> On Sat, May 30, 2020 at 5:07 PM Bob Rudis  wrote:
> >>>
> >>> It's the top of chain CA cert, so browsers are being lazy and helpful
> >>> to humans by (incorrectly, albeit) relying on the existing trust
> >>> relationship.
> >>>
> >>> libcurl (et al) is not nearly as forgiving.
> >>>
> >>> On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:
> 
>  Odd. Safari has no problem and says certificate expires August 16 2020, 
>  but I also see the download.file issue with 4.0.1 beta:
> 
> > download.file("https://www.r-project.org;, tempfile())
>  trying URL 'https://www.r-project.org'
>  Error in download.file("https://www.r-project.org;, tempfile()) :
> cannot open URL 'https://www.r-project.org'
>  In addition: Warning message:
>  In download.file("https://www.r-project.org;, tempfile()) :
> URL 'https://www.r-project.org/': status was 'Peer certificate cannot 
>  be authenticated with given CA certificates'
> 
>  (note slightly different error message).
> 
>  svn is also affected:
> 
>  Peters-MacBook-Air:R pd$ svn up
>  Updating '.':
>  Error validating server certificate for 'https://svn.r-project.org:443':
>    - The certificate has expired.
>  Certificate information:
>    - Hostname: *.r-project.org
>    - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
>    - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA 
>  Limited, Salford, Greater Manchester, GB
>    - Fingerprint: 
>  93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
>  (R)eject, accept (t)emporarily or accept (p)ermanently? t
>  Usrc/library/grid/R/grob.R
>  
> 
>  ssltest shows two certificates of which only one is expired?
> 
>  -pd
> 
> 
> 
> > On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> >
> > On macOS 10.15.5 and R-devel:
> >
> >> download.file("https://www.r-project.org;, tempfile())
> > trying URL 'https://www.r-project.org'
> > Error in download.file("https://www.r-project.org;, tempfile()) :
> >   cannot open URL 'https://www.r-project.org'
> > In addition: Warning message:
> > In download.file("https://www.r-project.org;, tempfile()) :
> >   URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > SSH remote key was not OK'
> >
> > https://www.ssllabs.com/ssltest says:
> >
> > COMODO RSA Certification Authority
> > Fingerprint SHA256:
> > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > minutes ago)   EXPIRED
> >
> > AFAICT this is the reason:
> > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> >
> > FYI,
> > Gabor
> >
> > __
> > R-devel@r-project.org mailing list
> > https://stat.ethz.ch/mailman/listinfo/r-devel
> 
>  --
>  Peter Dalgaard, Professor,
>  Center for Statistics, Copenhagen Business School
>

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Gábor Csárdi

On Sat, May 30, 2020 at 11:02 PM Jeroen Ooms  wrote:
[...]
>
> What you need to do is replace the final certificate with this one
> (just copy-paste the base64 cert): https://crt.sh/?d=1720081 .Then
> restart the server.

You can also export this from Keychain Access on macOS, btw. find
"COMODO RSA Certification Authority" and right click, export, PEM
format.

> See here for details:
> https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020
> . This site talks about "For business processes that depend on very
> old systems" but the reality is that this affects everything that
> uses openssl for https, including curl, svn, etc.

Btw. why does this affect openssl? That root cert was published in
2010, surely openssl should know about it? Maybe libcurl / openssl
only uses the chain provided by the server? Without trying to use an
alternate chain?

Gabor

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Jeroen Ooms

On Sat, May 30, 2020 at 11:40 PM Duncan Murdoch
 wrote:
>
> On 30/05/2020 5:23 p.m., Bob Rudis wrote:
> > I've updated the dashboard (https://rud.is/r-project-cert-status/)
> > script and my notifier script to account for the entire chain in each
> > cert.
>
> You never posted which certificate has expired.  Your dashboard shows
> they're all valid, but the download still fails, presumably because
> something not shown has expired.

To see the problem in R:

   certs <- openssl::download_ssl_cert('cran.r-project.org')
   as.list(certs[[3]])

Shows the root cert expires today.

> Hopefully someone who can actually act on this can figure out what needs
> doing.

The apache server will have a config entry SSLCertificateFile which
points to a cert bundle (in nginx servers this is called
"ssl_certificate"). If you open this in a text editor it contains the
3 certs, in PEM format, so 3 entires like this:

-BEGIN CERTIFICATE-
[base64 cert]
-END CERTIFICATE-

What you need to do is replace the final certificate with this one
(just copy-paste the base64 cert): https://crt.sh/?d=1720081 .Then
restart the server.

See here for details:
https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020
. This site talks about "For business processes that depend on very
old systems" but the reality is that this affects everything that
uses openssl for https, including curl, svn, etc.

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Duncan Murdoch


On 30/05/2020 5:23 p.m., Bob Rudis wrote:

I've updated the dashboard (https://rud.is/r-project-cert-status/)
script and my notifier script to account for the entire chain in each
cert.


You never posted which certificate has expired.  Your dashboard shows 
they're all valid, but the download still fails, presumably because 
something not shown has expired.


Hopefully someone who can actually act on this can figure out what needs 
doing.


Duncan Murdoch



On Sat, May 30, 2020 at 5:16 PM Bob Rudis  wrote:


# A tibble: 13 x 1
site

  1 beta.r-project.org
  2 bugs.r-project.org
  3 cran-archive.r-project.org
  4 cran.r-project.org
  5 developer.r-project.org
  6 ess.r-project.org
  7 ftp.cran.r-project.org
  8 journal.r-project.org
  9 r-project.org
10 svn.r-project.org
11 user2011.r-project.org
12 www.cran.r-project.org
13 www.r-project.org

is the whole list b/c of the wildcard cert.

On Sat, May 30, 2020 at 5:07 PM Bob Rudis  wrote:


It's the top of chain CA cert, so browsers are being lazy and helpful
to humans by (incorrectly, albeit) relying on the existing trust
relationship.

libcurl (et al) is not nearly as forgiving.

On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:


Odd. Safari has no problem and says certificate expires August 16 2020, but I 
also see the download.file issue with 4.0.1 beta:


download.file("https://www.r-project.org;, tempfile())

trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org;, tempfile()) :
   cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://www.r-project.org;, tempfile()) :
   URL 'https://www.r-project.org/': status was 'Peer certificate cannot be 
authenticated with given CA certificates'

(note slightly different error message).

svn is also affected:

Peters-MacBook-Air:R pd$ svn up
Updating '.':
Error validating server certificate for 'https://svn.r-project.org:443':
  - The certificate has expired.
Certificate information:
  - Hostname: *.r-project.org
  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, 
Salford, Greater Manchester, GB
  - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
(R)eject, accept (t)emporarily or accept (p)ermanently? t
Usrc/library/grid/R/grob.R


ssltest shows two certificates of which only one is expired?

-pd




On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:

On macOS 10.15.5 and R-devel:


download.file("https://www.r-project.org;, tempfile())

trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org;, tempfile()) :
  cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://www.r-project.org;, tempfile()) :
  URL 'https://www.r-project.org': status was 'SSL peer certificate or
SSH remote key was not OK'

https://www.ssllabs.com/ssltest says:

COMODO RSA Certification Authority
Fingerprint SHA256:
4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
minutes ago)   EXPIRED

AFAICT this is the reason:
https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020

FYI,
Gabor

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel


--
Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Office: A 4.23
Email: pd@cbs.dk  Priv: pda...@gmail.com

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel


__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel



__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Bob Rudis

The browsers still shouldn't trust it. The CA cert is expired.

On Sat, May 30, 2020 at 5:23 PM Bob Rudis  wrote:
>
> I've updated the dashboard (https://rud.is/r-project-cert-status/)
> script and my notifier script to account for the entire chain in each
> cert.
>
> On Sat, May 30, 2020 at 5:16 PM Bob Rudis  wrote:
> >
> > # A tibble: 13 x 1
> >site
> >
> >  1 beta.r-project.org
> >  2 bugs.r-project.org
> >  3 cran-archive.r-project.org
> >  4 cran.r-project.org
> >  5 developer.r-project.org
> >  6 ess.r-project.org
> >  7 ftp.cran.r-project.org
> >  8 journal.r-project.org
> >  9 r-project.org
> > 10 svn.r-project.org
> > 11 user2011.r-project.org
> > 12 www.cran.r-project.org
> > 13 www.r-project.org
> >
> > is the whole list b/c of the wildcard cert.
> >
> > On Sat, May 30, 2020 at 5:07 PM Bob Rudis  wrote:
> > >
> > > It's the top of chain CA cert, so browsers are being lazy and helpful
> > > to humans by (incorrectly, albeit) relying on the existing trust
> > > relationship.
> > >
> > > libcurl (et al) is not nearly as forgiving.
> > >
> > > On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:
> > > >
> > > > Odd. Safari has no problem and says certificate expires August 16 2020, 
> > > > but I also see the download.file issue with 4.0.1 beta:
> > > >
> > > > > download.file("https://www.r-project.org;, tempfile())
> > > > trying URL 'https://www.r-project.org'
> > > > Error in download.file("https://www.r-project.org;, tempfile()) :
> > > >   cannot open URL 'https://www.r-project.org'
> > > > In addition: Warning message:
> > > > In download.file("https://www.r-project.org;, tempfile()) :
> > > >   URL 'https://www.r-project.org/': status was 'Peer certificate cannot 
> > > > be authenticated with given CA certificates'
> > > >
> > > > (note slightly different error message).
> > > >
> > > > svn is also affected:
> > > >
> > > > Peters-MacBook-Air:R pd$ svn up
> > > > Updating '.':
> > > > Error validating server certificate for 'https://svn.r-project.org:443':
> > > >  - The certificate has expired.
> > > > Certificate information:
> > > >  - Hostname: *.r-project.org
> > > >  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
> > > >  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA 
> > > > Limited, Salford, Greater Manchester, GB
> > > >  - Fingerprint: 
> > > > 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> > > > (R)eject, accept (t)emporarily or accept (p)ermanently? t
> > > > Usrc/library/grid/R/grob.R
> > > > 
> > > >
> > > > ssltest shows two certificates of which only one is expired?
> > > >
> > > > -pd
> > > >
> > > >
> > > >
> > > > > On 30 May 2020, at 22:17 , Gábor Csárdi  
> > > > > wrote:
> > > > >
> > > > > On macOS 10.15.5 and R-devel:
> > > > >
> > > > >> download.file("https://www.r-project.org;, tempfile())
> > > > > trying URL 'https://www.r-project.org'
> > > > > Error in download.file("https://www.r-project.org;, tempfile()) :
> > > > >  cannot open URL 'https://www.r-project.org'
> > > > > In addition: Warning message:
> > > > > In download.file("https://www.r-project.org;, tempfile()) :
> > > > >  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > > > > SSH remote key was not OK'
> > > > >
> > > > > https://www.ssllabs.com/ssltest says:
> > > > >
> > > > > COMODO RSA Certification Authority
> > > > > Fingerprint SHA256:
> > > > > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > > > > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > > > > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > > > > minutes ago)   EXPIRED
> > > > >
> > > > > AFAICT this is the reason:
> > > > > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> > > > >
> > > > > FYI,
> > > > > Gabor
> > > > >
> > > > > __
> > > > > R-devel@r-project.org mailing list
> > > > > https://stat.ethz.ch/mailman/listinfo/r-devel
> > > >
> > > > --
> > > > Peter Dalgaard, Professor,
> > > > Center for Statistics, Copenhagen Business School
> > > > Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> > > > Phone: (+45)38153501
> > > > Office: A 4.23
> > > > Email: pd@cbs.dk  Priv: pda...@gmail.com
> > > >
> > > > __
> > > > R-devel@r-project.org mailing list
> > > > https://stat.ethz.ch/mailman/listinfo/r-devel

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Bob Rudis

I've updated the dashboard (https://rud.is/r-project-cert-status/)
script and my notifier script to account for the entire chain in each
cert.

On Sat, May 30, 2020 at 5:16 PM Bob Rudis  wrote:
>
> # A tibble: 13 x 1
>site
>
>  1 beta.r-project.org
>  2 bugs.r-project.org
>  3 cran-archive.r-project.org
>  4 cran.r-project.org
>  5 developer.r-project.org
>  6 ess.r-project.org
>  7 ftp.cran.r-project.org
>  8 journal.r-project.org
>  9 r-project.org
> 10 svn.r-project.org
> 11 user2011.r-project.org
> 12 www.cran.r-project.org
> 13 www.r-project.org
>
> is the whole list b/c of the wildcard cert.
>
> On Sat, May 30, 2020 at 5:07 PM Bob Rudis  wrote:
> >
> > It's the top of chain CA cert, so browsers are being lazy and helpful
> > to humans by (incorrectly, albeit) relying on the existing trust
> > relationship.
> >
> > libcurl (et al) is not nearly as forgiving.
> >
> > On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:
> > >
> > > Odd. Safari has no problem and says certificate expires August 16 2020, 
> > > but I also see the download.file issue with 4.0.1 beta:
> > >
> > > > download.file("https://www.r-project.org;, tempfile())
> > > trying URL 'https://www.r-project.org'
> > > Error in download.file("https://www.r-project.org;, tempfile()) :
> > >   cannot open URL 'https://www.r-project.org'
> > > In addition: Warning message:
> > > In download.file("https://www.r-project.org;, tempfile()) :
> > >   URL 'https://www.r-project.org/': status was 'Peer certificate cannot 
> > > be authenticated with given CA certificates'
> > >
> > > (note slightly different error message).
> > >
> > > svn is also affected:
> > >
> > > Peters-MacBook-Air:R pd$ svn up
> > > Updating '.':
> > > Error validating server certificate for 'https://svn.r-project.org:443':
> > >  - The certificate has expired.
> > > Certificate information:
> > >  - Hostname: *.r-project.org
> > >  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
> > >  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA 
> > > Limited, Salford, Greater Manchester, GB
> > >  - Fingerprint: 
> > > 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> > > (R)eject, accept (t)emporarily or accept (p)ermanently? t
> > > Usrc/library/grid/R/grob.R
> > > 
> > >
> > > ssltest shows two certificates of which only one is expired?
> > >
> > > -pd
> > >
> > >
> > >
> > > > On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> > > >
> > > > On macOS 10.15.5 and R-devel:
> > > >
> > > >> download.file("https://www.r-project.org;, tempfile())
> > > > trying URL 'https://www.r-project.org'
> > > > Error in download.file("https://www.r-project.org;, tempfile()) :
> > > >  cannot open URL 'https://www.r-project.org'
> > > > In addition: Warning message:
> > > > In download.file("https://www.r-project.org;, tempfile()) :
> > > >  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > > > SSH remote key was not OK'
> > > >
> > > > https://www.ssllabs.com/ssltest says:
> > > >
> > > > COMODO RSA Certification Authority
> > > > Fingerprint SHA256:
> > > > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > > > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > > > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > > > minutes ago)   EXPIRED
> > > >
> > > > AFAICT this is the reason:
> > > > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> > > >
> > > > FYI,
> > > > Gabor
> > > >
> > > > __
> > > > R-devel@r-project.org mailing list
> > > > https://stat.ethz.ch/mailman/listinfo/r-devel
> > >
> > > --
> > > Peter Dalgaard, Professor,
> > > Center for Statistics, Copenhagen Business School
> > > Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> > > Phone: (+45)38153501
> > > Office: A 4.23
> > > Email: pd@cbs.dk  Priv: pda...@gmail.com
> > >
> > > __
> > > R-devel@r-project.org mailing list
> > > https://stat.ethz.ch/mailman/listinfo/r-devel

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Bob Rudis

It's the top of chain CA cert, so browsers are being lazy and helpful
to humans by (incorrectly, albeit) relying on the existing trust
relationship.

libcurl (et al) is not nearly as forgiving.

On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:
>
> Odd. Safari has no problem and says certificate expires August 16 2020, but I 
> also see the download.file issue with 4.0.1 beta:
>
> > download.file("https://www.r-project.org;, tempfile())
> trying URL 'https://www.r-project.org'
> Error in download.file("https://www.r-project.org;, tempfile()) :
>   cannot open URL 'https://www.r-project.org'
> In addition: Warning message:
> In download.file("https://www.r-project.org;, tempfile()) :
>   URL 'https://www.r-project.org/': status was 'Peer certificate cannot be 
> authenticated with given CA certificates'
>
> (note slightly different error message).
>
> svn is also affected:
>
> Peters-MacBook-Air:R pd$ svn up
> Updating '.':
> Error validating server certificate for 'https://svn.r-project.org:443':
>  - The certificate has expired.
> Certificate information:
>  - Hostname: *.r-project.org
>  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
>  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, 
> Salford, Greater Manchester, GB
>  - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> (R)eject, accept (t)emporarily or accept (p)ermanently? t
> Usrc/library/grid/R/grob.R
> 
>
> ssltest shows two certificates of which only one is expired?
>
> -pd
>
>
>
> > On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> >
> > On macOS 10.15.5 and R-devel:
> >
> >> download.file("https://www.r-project.org;, tempfile())
> > trying URL 'https://www.r-project.org'
> > Error in download.file("https://www.r-project.org;, tempfile()) :
> >  cannot open URL 'https://www.r-project.org'
> > In addition: Warning message:
> > In download.file("https://www.r-project.org;, tempfile()) :
> >  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > SSH remote key was not OK'
> >
> > https://www.ssllabs.com/ssltest says:
> >
> > COMODO RSA Certification Authority
> > Fingerprint SHA256:
> > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > minutes ago)   EXPIRED
> >
> > AFAICT this is the reason:
> > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> >
> > FYI,
> > Gabor
> >
> > __
> > R-devel@r-project.org mailing list
> > https://stat.ethz.ch/mailman/listinfo/r-devel
>
> --
> Peter Dalgaard, Professor,
> Center for Statistics, Copenhagen Business School
> Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> Phone: (+45)38153501
> Office: A 4.23
> Email: pd@cbs.dk  Priv: pda...@gmail.com
>
> __
> R-devel@r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-devel

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Bob Rudis

# A tibble: 13 x 1
   site
   
 1 beta.r-project.org
 2 bugs.r-project.org
 3 cran-archive.r-project.org
 4 cran.r-project.org
 5 developer.r-project.org
 6 ess.r-project.org
 7 ftp.cran.r-project.org
 8 journal.r-project.org
 9 r-project.org
10 svn.r-project.org
11 user2011.r-project.org
12 www.cran.r-project.org
13 www.r-project.org

is the whole list b/c of the wildcard cert.

On Sat, May 30, 2020 at 5:07 PM Bob Rudis  wrote:
>
> It's the top of chain CA cert, so browsers are being lazy and helpful
> to humans by (incorrectly, albeit) relying on the existing trust
> relationship.
>
> libcurl (et al) is not nearly as forgiving.
>
> On Sat, May 30, 2020 at 5:01 PM peter dalgaard  wrote:
> >
> > Odd. Safari has no problem and says certificate expires August 16 2020, but 
> > I also see the download.file issue with 4.0.1 beta:
> >
> > > download.file("https://www.r-project.org;, tempfile())
> > trying URL 'https://www.r-project.org'
> > Error in download.file("https://www.r-project.org;, tempfile()) :
> >   cannot open URL 'https://www.r-project.org'
> > In addition: Warning message:
> > In download.file("https://www.r-project.org;, tempfile()) :
> >   URL 'https://www.r-project.org/': status was 'Peer certificate cannot be 
> > authenticated with given CA certificates'
> >
> > (note slightly different error message).
> >
> > svn is also affected:
> >
> > Peters-MacBook-Air:R pd$ svn up
> > Updating '.':
> > Error validating server certificate for 'https://svn.r-project.org:443':
> >  - The certificate has expired.
> > Certificate information:
> >  - Hostname: *.r-project.org
> >  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
> >  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA 
> > Limited, Salford, Greater Manchester, GB
> >  - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> > (R)eject, accept (t)emporarily or accept (p)ermanently? t
> > Usrc/library/grid/R/grob.R
> > 
> >
> > ssltest shows two certificates of which only one is expired?
> >
> > -pd
> >
> >
> >
> > > On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> > >
> > > On macOS 10.15.5 and R-devel:
> > >
> > >> download.file("https://www.r-project.org;, tempfile())
> > > trying URL 'https://www.r-project.org'
> > > Error in download.file("https://www.r-project.org;, tempfile()) :
> > >  cannot open URL 'https://www.r-project.org'
> > > In addition: Warning message:
> > > In download.file("https://www.r-project.org;, tempfile()) :
> > >  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > > SSH remote key was not OK'
> > >
> > > https://www.ssllabs.com/ssltest says:
> > >
> > > COMODO RSA Certification Authority
> > > Fingerprint SHA256:
> > > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > > minutes ago)   EXPIRED
> > >
> > > AFAICT this is the reason:
> > > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> > >
> > > FYI,
> > > Gabor
> > >
> > > __
> > > R-devel@r-project.org mailing list
> > > https://stat.ethz.ch/mailman/listinfo/r-devel
> >
> > --
> > Peter Dalgaard, Professor,
> > Center for Statistics, Copenhagen Business School
> > Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> > Phone: (+45)38153501
> > Office: A 4.23
> > Email: pd@cbs.dk  Priv: pda...@gmail.com
> >
> > __
> > R-devel@r-project.org mailing list
> > https://stat.ethz.ch/mailman/listinfo/r-devel

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Gábor Csárdi

The certificate itself is ok, but some other certificate higher up in
the chain is not. It is possible to have multiple certificate chains,
and only one needs to be successful for to accept the certificate.
Some clients are able to use an alternate chain, so they are fine, but
other clients do not accept some cert(s) for the alternate chain to
work. This is why you get errors only with some clients.

Even Safari works on the same machine, but R does not, probably
because libcurl uses openssl which uses a different set of CA certs.

Gabor

On Sat, May 30, 2020 at 10:01 PM peter dalgaard  wrote:
>
> Odd. Safari has no problem and says certificate expires August 16 2020, but I 
> also see the download.file issue with 4.0.1 beta:
>
> > download.file("https://www.r-project.org;, tempfile())
> trying URL 'https://www.r-project.org'
> Error in download.file("https://www.r-project.org;, tempfile()) :
>   cannot open URL 'https://www.r-project.org'
> In addition: Warning message:
> In download.file("https://www.r-project.org;, tempfile()) :
>   URL 'https://www.r-project.org/': status was 'Peer certificate cannot be 
> authenticated with given CA certificates'
>
> (note slightly different error message).
>
> svn is also affected:
>
> Peters-MacBook-Air:R pd$ svn up
> Updating '.':
> Error validating server certificate for 'https://svn.r-project.org:443':
>  - The certificate has expired.
> Certificate information:
>  - Hostname: *.r-project.org
>  - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
>  - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, 
> Salford, Greater Manchester, GB
>  - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
> (R)eject, accept (t)emporarily or accept (p)ermanently? t
> Usrc/library/grid/R/grob.R
> 
>
> ssltest shows two certificates of which only one is expired?
>
> -pd
>
>
>
> > On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> >
> > On macOS 10.15.5 and R-devel:
> >
> >> download.file("https://www.r-project.org;, tempfile())
> > trying URL 'https://www.r-project.org'
> > Error in download.file("https://www.r-project.org;, tempfile()) :
> >  cannot open URL 'https://www.r-project.org'
> > In addition: Warning message:
> > In download.file("https://www.r-project.org;, tempfile()) :
> >  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> > SSH remote key was not OK'
> >
> > https://www.ssllabs.com/ssltest says:
> >
> > COMODO RSA Certification Authority
> > Fingerprint SHA256:
> > 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> > Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> > Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> > minutes ago)   EXPIRED
> >
> > AFAICT this is the reason:
> > https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> >
> > FYI,
> > Gabor
> >
> > __
> > R-devel@r-project.org mailing list
> > https://stat.ethz.ch/mailman/listinfo/r-devel
>
> --
> Peter Dalgaard, Professor,
> Center for Statistics, Copenhagen Business School
> Solbjerg Plads 3, 2000 Frederiksberg, Denmark
> Phone: (+45)38153501
> Office: A 4.23
> Email: pd@cbs.dk  Priv: pda...@gmail.com
>
>
>
>
>
>
>
>
>

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Bioc-devel] request

2020-05-30 Thread Kumar, Ashwath

Hi Martin,

Thanks for the reply. Thank you so much for clearing this up. I think I got 
confused by the build time and the snapshot time. I believe I was in the middle 
of editing and changing the format in the DESCRIPTION file and I think that’s 
the reason I see the errors in the devel version but not release because I 
committed to the release after the devel branch. I will follow up with the 
nightly build tomorrow which will hopefully reflect my corrected versions. 

Thanks !
Ashwath 

-Original Message-
From: Martin Morgan  
Sent: Saturday, May 30, 2020 5:12 PM
To: Kumar, Ashwath ; Bioc-devel@r-project.org
Subject: Re: [Bioc-devel] request

Please view the nightly build report

http://bioconductor.org/checkResults/devel/bioc-LATEST/CSSQ/

compare the time that your package had a 'snapshot' taken for the build to start

Snapshot Date: 2020-05-29 16:51:41 -0400 (Fri, 29 May 2020)

and commit hash and date of the last commit included in the snapshot

Last Commit: 3094509
Last Changed Date: 2020-05-29 16:58:05 -0400 (Fri, 29 May 2020)

If the commit you are concerned about is after the snapshot date, then you 
missed the start of the build. Or is the commit you are concerned about 
contributing to the build failure reported across all platforms?

Martin

On 5/30/20, 4:00 PM, "Bioc-devel on behalf of Kumar, Ashwath" 
 wrote:


Hello all,

I am the maintainer for CSSQ 
(https://bioconductor.org/packages/release/bioc/html/CSSQ.html). I had made 
some changes  (Re authorship and email addresses) to the package last night. I 
made sure to push them to both the master and RELEASE_3_11 branches and 
confirmed the changes by checking with "git pull" that the changes were made to 
the DESCRIPTION file. Today, after the nightly build, I still don't see the 
changes reflected on the package page and the version is still 1.0.0. I had 
made sure to version number (master branch. 1.1.1 and RELEASE branch 1.0.1). 
Can someone please let me know why this is happening ? 


Thanks,
Ashwath 

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel
___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

Re: [Bioc-devel] request

2020-05-30 Thread Martin Morgan

Please view the nightly build report

http://bioconductor.org/checkResults/devel/bioc-LATEST/CSSQ/

compare the time that your package had a 'snapshot' taken for the build to start

Snapshot Date: 2020-05-29 16:51:41 -0400 (Fri, 29 May 2020)

and commit hash and date of the last commit included in the snapshot

Last Commit: 3094509
Last Changed Date: 2020-05-29 16:58:05 -0400 (Fri, 29 May 2020)

If the commit you are concerned about is after the snapshot date, then you 
missed the start of the build. Or is the commit you are concerned about 
contributing to the build failure reported across all platforms?

Martin

On 5/30/20, 4:00 PM, "Bioc-devel on behalf of Kumar, Ashwath" 
 wrote:


Hello all,

I am the maintainer for CSSQ 
(https://bioconductor.org/packages/release/bioc/html/CSSQ.html). I had made 
some changes  (Re authorship and email addresses) to the package last night. I 
made sure to push them to both the master and RELEASE_3_11 branches and 
confirmed the changes by checking with "git pull" that the changes were made to 
the DESCRIPTION file. Today, after the nightly build, I still don't see the 
changes reflected on the package page and the version is still 1.0.0. I had 
made sure to version number (master branch. 1.1.1 and RELEASE branch 1.0.1). 
Can someone please let me know why this is happening ? 


Thanks,
Ashwath 

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel
___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

[Bioc-devel] Nightly update not updating my DESCRIPTION information

2020-05-30 Thread Kumar, Ashwath

Hello all,

I am sorry for the duplicate email if any. I didn't realize that I had replied 
to another email instead of writing a new one.



I am the maintainer for CSSQ 
(https://bioconductor.org/packages/release/bioc/html/CSSQ.html). I had made 
some changes  (Re authorship and email addresses) to the package last night. I 
made sure to push them to both the master and RELEASE_3_11 branches and 
confirmed the changes by checking with "git pull" that the changes were made to 
the DESCRIPTION file. Today, after the nightly build, I still don't see the 
changes reflected on the package page and the version is still 1.0.0. I had 
made sure to version number (master branch. 1.1.1 and RELEASE branch 1.0.1). 
Can someone please let me know why this is happening ?





Thanks,

Ashwath


[[alternative HTML version deleted]]

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

Re: [Bioc-devel] Package Submission Limbo

2020-05-30 Thread Martin Morgan

Sorry that your packages have not been reviewed more promptly.

We try to have an initial review in two weeks, how long a full review takes 
depends on many factors, including complexity of the review process. Your own 
packages were I believe handled relatively efficiently initially. The release 
at the end of April) is a major activity for us, and necessarily slows the 
overall process down.

We are exploring processes to reduce the reviewer burden so that packages like 
yours are added to Bioconductor more promptly; a major concern is to do so in a 
manner that does not compromise the overall quality of accepted packages.

Martin

On 5/30/20, 4:52 PM, "Bioc-devel on behalf of Chris Eeles" 
 
wrote:

Hello Bioconductor team and community,

My name is Christopher Eeles and I am a software developer in the Benjamin 
Haibe-Kains laboratory at Princess Margaret Cancer Research Centre in Toronto, 
Ontario, Canada.

I am concerned due to inaction on the part of my reviewer for two of my 
package submissions, and am not sure how to move forward.

Initially, I submitted three packages - CoreGx, ToxicoGx and RadioGx - on 
April 4th, 2020 hoping to get included in the May Bioconductor release. It 
became apparent that approval would not be possible in time, as such I 
requested to expedite acceptance of CoreGx (on which the latter two packages 
depend) so it could be included. My reviewer obliged and I am thankful for that.

I was told to resubmit ToxicoGx and RadioGx on separate issues and that the 
review process would continue from where it was for the resubmissions. This 
occurred on April 25th, 2020. Before resubmission I had replied to a round of 
reviewer comments and was waiting for a reply before making more changes.

However, since resubmission I have received no further reviewer comments 
and no reply to my code updates since the last review. RadioGx will be a part 
of a workshop our lab is putting together for Bioconductor conference in July, 
but without acceptance of the package it will have to be installed from GitHub.

Additionally, ToxicoGx is the package that was used to curate data for our 
web application, ToxicoDB, which has been accepted to the NAR web server 
edition. We had assumed that the package would be accepted by now and have had 
criticism from our NAR reviewers about it's lack of availability. Both of these 
packages were available on CRAN before our submission to Bioconductor.

My question is, how do I move forward? Without response from my reviewer I 
do not know which conditions I need to meet for package acceptance? I am 
available to respond to criticism.

Initial submission of these packages occurred almost 2 months ago, and it 
has been over a month since the resubmissions. Is this normal? Are there 
extenuating circumstances of which I am unaware?

Our lab put a lot of time and effort into these packages and wish to share 
them with the Bioconductor community. Does anyone have advice on what I can do 
to get the ball rolling again?

Thanks for your assistance.

Best,
---
Christopher Eeles
Software Developer
BHK Laboratory
Princess Margaret Cancer Centre
University Health Network




[[alternative HTML version deleted]]

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel
___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread peter dalgaard

Odd. Safari has no problem and says certificate expires August 16 2020, but I 
also see the download.file issue with 4.0.1 beta:

> download.file("https://www.r-project.org;, tempfile())
trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org;, tempfile()) : 
  cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://www.r-project.org;, tempfile()) :
  URL 'https://www.r-project.org/': status was 'Peer certificate cannot be 
authenticated with given CA certificates'

(note slightly different error message).

svn is also affected:

Peters-MacBook-Air:R pd$ svn up
Updating '.':
Error validating server certificate for 'https://svn.r-project.org:443':
 - The certificate has expired.
Certificate information:
 - Hostname: *.r-project.org
 - Valid: from Aug 16 00:00:00 2018 GMT until Aug 15 23:59:59 2020 GMT
 - Issuer: COMODO RSA Domain Validation Secure Server CA, COMODO CA Limited, 
Salford, Greater Manchester, GB
 - Fingerprint: 93:B8:AF:9F:0A:67:2F:3A:C9:BA:FF:86:BB:2C:08:47:02:7F:1D:8D
(R)eject, accept (t)emporarily or accept (p)ermanently? t
Usrc/library/grid/R/grob.R


ssltest shows two certificates of which only one is expired?

-pd



> On 30 May 2020, at 22:17 , Gábor Csárdi  wrote:
> 
> On macOS 10.15.5 and R-devel:
> 
>> download.file("https://www.r-project.org;, tempfile())
> trying URL 'https://www.r-project.org'
> Error in download.file("https://www.r-project.org;, tempfile()) :
>  cannot open URL 'https://www.r-project.org'
> In addition: Warning message:
> In download.file("https://www.r-project.org;, tempfile()) :
>  URL 'https://www.r-project.org': status was 'SSL peer certificate or
> SSH remote key was not OK'
> 
> https://www.ssllabs.com/ssltest says:
> 
> COMODO RSA Certification Authority
> Fingerprint SHA256:
> 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> minutes ago)   EXPIRED
> 
> AFAICT this is the reason:
> https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
> 
> FYI,
> Gabor
> 
> __
> R-devel@r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-devel

-- 
Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Office: A 4.23
Email: pd@cbs.dk  Priv: pda...@gmail.com

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Rd] r-project.org SSL certificate issues

2020-05-30 Thread Bob Rudis

Yep. It should switch to Let's Encrypt with the automated cert renewals ASAP.

On Sat, May 30, 2020 at 4:17 PM Gábor Csárdi  wrote:
>
> On macOS 10.15.5 and R-devel:
>
> > download.file("https://www.r-project.org;, tempfile())
> trying URL 'https://www.r-project.org'
> Error in download.file("https://www.r-project.org;, tempfile()) :
>   cannot open URL 'https://www.r-project.org'
> In addition: Warning message:
> In download.file("https://www.r-project.org;, tempfile()) :
>   URL 'https://www.r-project.org': status was 'SSL peer certificate or
> SSH remote key was not OK'
>
> https://www.ssllabs.com/ssltest says:
>
> COMODO RSA Certification Authority
> Fingerprint SHA256:
> 4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
> Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
> Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
> minutes ago)   EXPIRED
>
> AFAICT this is the reason:
> https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020
>
> FYI,
> Gabor
>
> __
> R-devel@r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-devel

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

[Bioc-devel] Package Submission Limbo

2020-05-30 Thread Chris Eeles

Hello Bioconductor team and community,

My name is Christopher Eeles and I am a software developer in the Benjamin 
Haibe-Kains laboratory at Princess Margaret Cancer Research Centre in Toronto, 
Ontario, Canada.

I am concerned due to inaction on the part of my reviewer for two of my package 
submissions, and am not sure how to move forward.

Initially, I submitted three packages - CoreGx, ToxicoGx and RadioGx - on April 
4th, 2020 hoping to get included in the May Bioconductor release. It became 
apparent that approval would not be possible in time, as such I requested to 
expedite acceptance of CoreGx (on which the latter two packages depend) so it 
could be included. My reviewer obliged and I am thankful for that.

I was told to resubmit ToxicoGx and RadioGx on separate issues and that the 
review process would continue from where it was for the resubmissions. This 
occurred on April 25th, 2020. Before resubmission I had replied to a round of 
reviewer comments and was waiting for a reply before making more changes.

However, since resubmission I have received no further reviewer comments and no 
reply to my code updates since the last review. RadioGx will be a part of a 
workshop our lab is putting together for Bioconductor conference in July, but 
without acceptance of the package it will have to be installed from GitHub.

Additionally, ToxicoGx is the package that was used to curate data for our web 
application, ToxicoDB, which has been accepted to the NAR web server edition. 
We had assumed that the package would be accepted by now and have had criticism 
from our NAR reviewers about it's lack of availability. Both of these packages 
were available on CRAN before our submission to Bioconductor.

My question is, how do I move forward? Without response from my reviewer I do 
not know which conditions I need to meet for package acceptance? I am available 
to respond to criticism.

Initial submission of these packages occurred almost 2 months ago, and it has 
been over a month since the resubmissions. Is this normal? Are there 
extenuating circumstances of which I am unaware?

Our lab put a lot of time and effort into these packages and wish to share them 
with the Bioconductor community. Does anyone have advice on what I can do to 
get the ball rolling again?

Thanks for your assistance.

Best,
---
Christopher Eeles
Software Developer
BHK Laboratory
Princess Margaret Cancer Centre
University Health Network




[[alternative HTML version deleted]]

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

[Rd] r-project.org SSL certificate issues

2020-05-30 Thread Gábor Csárdi

On macOS 10.15.5 and R-devel:

> download.file("https://www.r-project.org;, tempfile())
trying URL 'https://www.r-project.org'
Error in download.file("https://www.r-project.org;, tempfile()) :
  cannot open URL 'https://www.r-project.org'
In addition: Warning message:
In download.file("https://www.r-project.org;, tempfile()) :
  URL 'https://www.r-project.org': status was 'SSL peer certificate or
SSH remote key was not OK'

https://www.ssllabs.com/ssltest says:

COMODO RSA Certification Authority
Fingerprint SHA256:
4f32d5dc00f715250abcc486511e37f501a899deb3bf7ea8adbbd3aef1c412da
Pin SHA256: grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=
Valid untilSat, 30 May 2020 10:48:38 UTC (expired 8 hours and 51
minutes ago)   EXPIRED

AFAICT this is the reason:
https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020

FYI,
Gabor

__
R-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-devel

Re: [Bioc-devel] request

2020-05-30 Thread Kumar, Ashwath



Hello all,

I am the maintainer for CSSQ 
(https://bioconductor.org/packages/release/bioc/html/CSSQ.html). I had made 
some changes  (Re authorship and email addresses) to the package last night. I 
made sure to push them to both the master and RELEASE_3_11 branches and 
confirmed the changes by checking with "git pull" that the changes were made to 
the DESCRIPTION file. Today, after the nightly build, I still don't see the 
changes reflected on the package page and the version is still 1.0.0. I had 
made sure to version number (master branch. 1.1.1 and RELEASE branch 1.0.1). 
Can someone please let me know why this is happening ? 


Thanks,
Ashwath 

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

[Bioc-devel] request

2020-05-30 Thread Zhen Yang

Dear Biocondcutor admins:

This is Zhen Yang from Fudan University, as the maintainer of the Bioconductor 
package of "FEM" 
(https://bioconductor.org/packages/release/bioc/html/FEM.html), I would like to 
make some update to this package. However, my last email (yangz...@picb.ac.cn) 
has been suspended, I have registered to BioC by using this new Email. I would 
like to ask if I can get the SSH key for The package by using this 
email(zheny...@fudan.edu.cn)? Now I cannot log in to the Bioconductor Git 
Credentials. Seem I need to activate my account.

Thanks a lot and best wishes!

Zhen Yang
Fudan University

___
Bioc-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/bioc-devel

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

Re: [Bioc-devel] request

Re: [Bioc-devel] request

[Bioc-devel] Nightly update not updating my DESCRIPTION information

Re: [Bioc-devel] Package Submission Limbo

Re: [Rd] r-project.org SSL certificate issues

Re: [Rd] r-project.org SSL certificate issues

[Bioc-devel] Package Submission Limbo

[Rd] r-project.org SSL certificate issues

Re: [Bioc-devel] request

[Bioc-devel] request

19 matches

Site Navigation

Mail list logo

Footer information