Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#73545 - certificate revoked from the main download mirror of the web package download page
Attached to Project:
Arch Linux
Opened by timemaster (timemaster) - Saturday, 29 January 2022, 04:25 GMT
Last edited by Florian Pritz (bluewind) - Sunday, 30 January 2022, 09:55 GMT
Opened by timemaster (timemaster) - Saturday, 29 January 2022, 04:25 GMT
Last edited by Florian Pritz (bluewind) - Sunday, 30 January 2022, 09:55 GMT
|
DetailsDescription:
When trying to manually download a package from the package website 1. Navigate to "https://archlinux.org/packages/core/any/mkinitcpio/" 2. click on the link "Download From Mirror" 3. Browser goes to "https://archlinux.org/packages/core/any/mkinitcpio/download" 4. Browser is redirected to "https://mirror.pseudoform.org/core/os/x86_64/mkinitcpio-31-2-any.pkg.tar.zst" Both my vivaldi browser and firefox will refuse to connect to the server and instead show a certificate error. Vivaldi will show "NET::ERR_CERT_REVOKED", and firefox will show "SEC_ERROR_UNKNOWN_ISSUER". I checked this bug tracker and the forums and could not find anything new. Connected to the irc channels and someone else confirmed they were affected by this. The certificate seems to have been revoked. Test the url at step 4. with these two website : https://ssltools.godaddy.com/views/certChecker https://certificate.revocationcheck.com/mirror.pseudoform.org OCSP Status - revoked Priority is medium. The web download will not work for any packages, but my pacman is not affected as I don't use this mirror. |
This task depends upon
Closed by Florian Pritz (bluewind)
Sunday, 30 January 2022, 09:55 GMT
Reason for closing: Works for me
Sunday, 30 January 2022, 09:55 GMT
Reason for closing: Works for me
Comment by Florian Pritz (bluewind) -
Sunday, 30 January 2022, 09:55 GMT
I believe the website selects a random mirror from your region when you download a file. Anyhow, the certificate appears to have been renewed and I can open the URL just fine in my browser now.