guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `guix pull` over HTTPS

From: Leo Famulari
Subject: Re: `guix pull` over HTTPS
Date: Tue, 28 Feb 2017 00:46:16 -0500
User-agent: Mutt/1.7.2 (2016-11-26) 
On Sat, Feb 11, 2017 at 03:28:52PM +0100, Ludovic Courtès wrote:
> Marius Bakke <address@hidden> skribis:
> > I think having a separate 'le-certs' package that can verify the Lets
> > Encrypt chain sounds like the easiest option. Presumably new
> > intermediates etc will be known well in advance.
> 
> That sounds more reasonable to me.  Do you know what it would take to
> get the whole LE chain in such a package?  Would you like to give it a
> try?

I tried it. The next intermediate (also called the "backup") is already
known.

I've made it available here:

https://github.com/lfam/le-certs

You can try it out:

$ echo | openssl s_client -CAfile /tmp/le-certs/le-certs.pem -CApath 
/tmp/le-certs -connect git.savannah.gnu.org:443

Your feedback is requested!

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]