The SSL certificate is invalid

[radare]

For some reason I get this:

$ cargo build --verbose
    Updating registry `https://github.com/rust-lang/crates.io-index`
Unable to update registry https://github.com/rust-lang/crates.io-index

Caused by:
  failed to fetch `https://github.com/rust-lang/crates.io-index`

Caused by:
  [16] The SSL certificate is invalid

But i can't find a way to get more information (why this cert is invalid), and having at least one commandline option or environment variable to ignore them would be helpful

[radare]

$ rustc -vV
rustc 1.2.0-dev
binary: rustc
commit-hash: unknown
commit-date: unknown
host: x86_64-unknown-linux-gnu
release: 1.2.0-dev
$ cargo -vV
cargo 0.4.0 (built 2015-08-17)

[kulbida]

Is there any progress on this?

[alexcrichton]

This looks like Cargo may have been built from scratch rather than being a nightly, @radare how'd you install Cargo/Rust to get this error?

Unfortunately I think we're giving as much information as we've got right now, I'm not sure if there's more contextual information cargo has to propagate upwards.

[radare]

I can reproduce it with the package of voidlinux. The nightly build from the cargo web page works as expected

On 01 Oct 2015, at 02:22, Alex Crichton notifications@github.com wrote:

This looks like Cargo may have been built from scratch rather than being a nightly, @radare how'd you install Cargo/Rust to get this error?

Unfortunately I think we're giving as much information as we've got right now, I'm not sure if there's more contextual information cargo has to propagate upwards.

—
Reply to this email directly or view it on GitHub.

[alexcrichton]

Oh interesting! What's voidlinux? Is there something I can do to reproduce this locally?

[radare]

http://voidlinux.eu http://voidlinux.eu/

I guess you can reproduce this issue by downloading the r2live iso http://bin.rada.re/r2live-20150901.iso http://bin.rada.re/r2live-20150901.iso which is based on voidlinux, and then install cargo like this:

xbps-install cargo

git clone any rust project and run cargo update. iirc downloading the nightly official build seems to work fine.

you can check the pkg template here:

https://github.com/voidlinux/void-packages/blob/master/srcpkgs/cargo/template https://github.com/voidlinux/void-packages/blob/master/srcpkgs/cargo/template

thanks!

On 02 Oct 2015, at 19:07, Alex Crichton notifications@github.com wrote:

Oh interesting! What's voidlinux? Is there something I can do to reproduce this locally?

—
Reply to this email directly or view it on GitHub #1978 (comment).

[alexcrichton]

Hm so I didn't quite go the route of installing from scratch, but I ran the docker image for voidlinux after which I did:

$ xbps-install -Sy cargo git gcc
$ git clone https://github.com/alexcrichton/tar-rs
$ cd tar-rs
$ cargo test

And everything worked out ok? Perhaps something is misconfigured locally? Do the certificates installed need to be updated perhaps?

[MagaTailor]

I'm also seeing this issue on 64-bit Porteus.

There was no problem with the 32-bit version of Porteus using my own builds of cargo but the 64-bit version and the official x86_64 nightly are producing the error.

The system date is correct and no other app complains about certificates.

EDIT:
Voidlinux home page says they're using LibreSSL, Porteus has OpenSSL.

[alexcrichton]

@petevine like with the case above, is there a way that I would be able to reproduce this? Cargo has to do a little work to discover the system certificates and it could be that they're not being discovered

[MagaTailor]

Almost certainly the problem here as the filesystem layout is a little different between the two versions.

You probably shouldn't waste too much time on trying to run the live distro yourself (http://build.porteus.org/) but maybe you could provide a few hints where cargo's expecting to find the certs so that symlinking would be enough.

I'm going to find out if the certs' locations are different and report back.

[alexcrichton]

You can find the current search locations in the openssl-sys crate, but I can also try to run something in docker if there's an image available somewhere perhaps?

[MagaTailor]

Thx, I'll have a look.

The porteus link above will lead you to an image creation wizard so as long as you pick 64bit (uefi) it probably won't matter what other options you choose.

[alexcrichton]

Oh holy cow sorry! I think I accidentally deleted @petevine's last comment, so here it is:

I was right asking you to hold back :)

After investigating both setups it looks like I'd stumbled on a distro bug - the certificates package is missing from the 64bit version (could be related to different browser and DE choices somehow).

Thanks for taking a look @petevine! @radare any updated on the voidlinux side of things?

[radare]

@alexcrichton no news, still the same problems