Re: Recent OpenSSL changes and CA certs

Ah yes, I know what’s wrong. Cannot right now but will address when I can. > On 13 Oct 2021, at 4:25 pm, Blair Zajac wrote: > > Upgrading from before the latest changes now gets on the openssl port: > > Error: Failed to activate openssl: Image error: > /opt/local/etc/openssl/cert.pem is

Re: Recent OpenSSL changes and CA certs

Upgrading from before the latest changes now gets on the openssl port: Error: Failed to activate openssl: Image error: /opt/local/etc/openssl/cert.pem is being used by the active curl-ca-bundle port. Please deactivate this port first, or use 'port -f activate openssl' to force the activation.

Re: Recent OpenSSL changes and CA certs

Hi, > On 13 Oct 2021, at 9:41 am, Aaron Madlon-Kay wrote: > > Thanks. Two questions: > > 1. Is it not a problem that the user may not have curl-ca-bundle > installed? (I guess it would just be a dangling symlink and that's not > a problem?) I figured a dangling sym. link was no worse than

Re: Recent OpenSSL changes and CA certs

Thanks. Two questions: 1. Is it not a problem that the user may not have curl-ca-bundle installed? (I guess it would just be a dangling symlink and that's not a problem?) 2. Does openssl10 not need the same workaround? -Aaron On Wed, Oct 13, 2021 at 5:35 PM Christopher Jones wrote: > > >

Re: Recent OpenSSL changes and CA certs

Should be addressed by https://github.com/macports/macports-ports/commit/f972290289d1d8370b3ca69554cbcf046c7023fa > On 13 Oct 2021, at 9:21 am, Christopher Jones > wrote: > > > Sorry, forget the

Re: Recent OpenSSL changes and CA certs

Sorry, forget the comment below, read it the wrong way around… > On 13 Oct 2021, at 9:00 am, Christopher Jones > wrote: > > Hi, > > Howe does > > /opt/local/libexec/openssl11/etc/openssl/cert.pem > > get created, as its not actually part of the openssl11 port itself ? > > Oberon

Re: Recent OpenSSL changes and CA certs

Hi, Howe does /opt/local/libexec/openssl11/etc/openssl/cert.pem get created, as its not actually part of the openssl11 port itself ? Oberon ~/Projects/MacPorts/ports > port contents openssl11 | grep cert.pem Oberon ~/Projects/MacPorts/ports > Chris > On 13 Oct 2021, at 5:58 am, Aaron

Re: Recent OpenSSL changes and CA certs

+jon...@macports.org wget also fails after upgrading openssl: $ wget https://registry.npmjs.org/npm --2021-10-12 18:21:00-- https://registry.npmjs.org/npm Resolving registry.npmjs.org (registry.npmjs.org)... 2606:4700::6810:1323, 2606:4700::6810:1923, 2606:4700::6810:1723, ... Connecting to

Re: Recent OpenSSL changes and CA certs

Forget all that stuff I mentioned about rbenv and ruby-build. I can reproduce this with the ruby30 port: % /opt/local/bin/ruby3.0 -r net/http -e 'Net::HTTP.get(URI("https://www.apple.com;))' /opt/local/lib/ruby3.0/3.0.0/net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0

Re: Recent OpenSSL changes and CA certs

The axel port is also affected, it can't download anything that is https after this change. Zhenfu > On Oct 13, 2021, at 00:58, Aaron Madlon-Kay wrote: > > Hi all. > > I know there are some important changes being made to the OpenSSL > ports. Today I updated my ports and now have the

Recent OpenSSL changes and CA certs

Hi all. I know there are some important changes being made to the OpenSSL ports. Today I updated my ports and now have the following installed: % port installed name:openssl The following ports are currently installed: openssl @1.1_0 (active) openssl10 @1.0.2u_2 (active) openssl11