From: Jelle Licht <jlicht@fsfe.org>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: help-guix <help-guix@gnu.org>
Subject: Re: tls woes with importers
Date: Fri, 27 Jul 2018 12:38:30 +0200 [thread overview]
Message-ID: <CAPsKtf+T484109FawxiYPYOhjkC=PQyqvM9AS_yAvyg0kmzX+A@mail.gmail.com> (raw)
In-Reply-To: <87wothvaxe.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 2101 bytes --]
As you said, my $SSL_CERT_DIR was messed up:
"/home/jelle/.guix-profile/etc/ssl/certs:/etc/ssl/certs".
It seems that several tools dislike having :-delimited directories in
SSL_CERT_DIR, I guess?
Either way, uninstalling nss-certs from my user profile, and leaving it in
my system definition as before, fixed the issue.
Kind of a bummer actually, as I really like sharing my user manifest files
between Guix and GuixSD machines.
Thanks Ludo!
2018-07-27 1:23 GMT+02:00 Ludovic Courtès <ludo@gnu.org>:
> Hello Jelle,
>
> Jelle Licht <jlicht@fsfe.org> skribis:
>
> > $ guix import elpa org
> > Backtrace:
> > 13 (primitive-load "/home/jelle/.config/guix/current/bin/g…")
> > In guix/ui.scm:
> > 1579:12 12 (run-guix-command _ . _)
> > In guix/scripts/import.scm:
> > 115:11 11 (guix-import . _)
> > In guix/scripts/import/elpa.scm:
> > 108:23 10 (guix-import-elpa . _)
> > In guix/import/elpa.scm:
> > 249:2 9 (elpa->guix-package "org" _)
> > 182:13 8 (fetch-elpa-package "org" _)
> > 113:18 7 (elpa-package-info "org" _)
> > 85:21 6 (elpa-fetch-archive _)
> > In ice-9/boot-9.scm:
> > 829:9 5 (catch system-error #<procedure 10fb300 at guix/http-c…> …)
> > 829:9 4 (catch srfi-34 #<procedure 10e6f50 at guix/http-client…> …)
> > In guix/http-client.scm:
> > 182:20 3 (_)
> > 88:25 2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # …)
> > In guix/build/download.scm:
> > 398:4 1 (open-connection-for-uri _ #:timeout _ # _)
> > 296:6 0 (tls-wrap #<closed: file 101f0e0> _ # _)
> >
> > guix/build/download.scm:296:6: In procedure tls-wrap:
> > X.509 certificate of 'elpa.gnu.org' could not be verified:
> > signer-not-found
> > invalid
>
> This means that the certificate could not be validated, probably due to
> missing certificates.
>
> Could you make sure to install ‘nss-cert’ and to define ‘SSL_CERT_DIR’
> accordingly? See
> <https://www.gnu.org/software/guix/manual/en/html_node/X_
> 002e509-Certificates.html>.
>
> HTH,
> Ludo’.
>
[-- Attachment #2: Type: text/html, Size: 3071 bytes --]
prev parent reply other threads:[~2018-07-27 10:38 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-24 13:25 tls woes with importers Jelle Licht
2018-07-26 23:23 ` Ludovic Courtès
2018-07-27 10:38 ` Jelle Licht [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPsKtf+T484109FawxiYPYOhjkC=PQyqvM9AS_yAvyg0kmzX+A@mail.gmail.com' \
--to=jlicht@fsfe.org \
--cc=help-guix@gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).