FS#73545 - certificate revoked from the main download mirror of the web package download page

Attached to Project: Arch Linux
Opened by timemaster (timemaster) - Saturday, 29 January 2022, 04:25 GMT
Last edited by Florian Pritz (bluewind) - Sunday, 30 January 2022, 09:55 GMT
Task Type Bug Report
Category Mirrors
Status Closed
Assigned To No-one
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

When trying to manually download a package from the package website

1. Navigate to "https://archlinux.org/packages/core/any/mkinitcpio/"
2. click on the link "Download From Mirror"
3. Browser goes to "https://archlinux.org/packages/core/any/mkinitcpio/download"
4. Browser is redirected to "https://mirror.pseudoform.org/core/os/x86_64/mkinitcpio-31-2-any.pkg.tar.zst"

Both my vivaldi browser and firefox will refuse to connect to the server and instead show a certificate error.
Vivaldi will show "NET::ERR_CERT_REVOKED", and firefox will show "SEC_ERROR_UNKNOWN_ISSUER".
I checked this bug tracker and the forums and could not find anything new. Connected to the irc channels and someone else confirmed they were affected by this.

The certificate seems to have been revoked.

Test the url at step 4. with these two website :
https://ssltools.godaddy.com/views/certChecker
https://certificate.revocationcheck.com/mirror.pseudoform.org

OCSP Status - revoked

Priority is medium. The web download will not work for any packages, but my pacman is not affected as I don't use this mirror.
This task depends upon

Closed by  Florian Pritz (bluewind)
Sunday, 30 January 2022, 09:55 GMT
Reason for closing:  Works for me
Comment by Florian Pritz (bluewind) - Sunday, 30 January 2022, 09:55 GMT
I believe the website selects a random mirror from your region when you download a file. Anyhow, the certificate appears to have been renewed and I can open the URL just fine in my browser now.

Loading...