Cuando ejecuto M-x list-packages
me sale el siguiente error con Marmalade después de actualizar a Emacs 25.
Certificate information
Issued by: COMODO RSA Domain Validation Secure Server CA
Issued to: Domain Control Validated
Hostname: marmalade-repo.org
Public key: RSA, signature: RSA-SHA256
Protocol: TLS1.2, key: ECDHE-RSA, cipher: AES-256-GCM, mac: AEAD
Security level: Medium
Valid: From 2015-07-12 to 2018-07-11
The TLS connection to marmalade-repo.org:443 is insecure for the
following reasons:
the certificate was signed by an unknown and therefore untrusted authority
certificate could not be verified
.emacs
Código relevante : (.emacs completo aquí )
(require 'package)
(add-to-list 'package-archives
'("melpa" . "http://melpa.org/packages/") t)
(add-to-list 'package-archives
'("gnu" . "http://elpa.gnu.org/packages/") t)
(add-to-list 'package-archives
'("marmalade" . "http://marmalade-repo.org/packages/") t)
(package-initialize)
;; bootstrap use-package
;; https://github.com/jwiegley/use-package/
(unless (package-installed-p 'use-package)
(package-refresh-contents)
(package-install 'use-package))
(eval-when-compile (require 'use-package))
También traté de resolverlo con la sugerencia de gnutils-cli : $ gnutls-cli --tofu marmalade-repo.org
pero no pude hacerlo funcionar todavía. ¿Algunas ideas?
$ gnutls-cli --tofu marmalade-repo.org
gnutls-cli --tofu marmalade-repo.org
Processed 173 CA certificate(s).
Resolving 'marmalade-repo.org:443'...
Connecting to '80.69.77.43:443'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
- subject `CN=marmalade-repo.org,OU=PositiveSSL,OU=Domain Control Validated', issuer `CN=COMODO RSA Domain Validation Secure Server C
A,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB', serial 0x5f7ce5cf6602297b4cbd14639b670e7d, RSA key 2048 bits, signed usin
g RSA-SHA256, activated `2015-07-12 00:00:00 UTC', expires `2018-07-11 23:59:59 UTC', SHA-1 fingerprint `6e080a477d14631d2edf839de582a
c04d4363d09'
Public Key ID:
aba6d76ab3d363fa190d654160236eefd32a46dc
Public key's random art:
+--[ RSA 2048]----+
| . +oo |
| . o . . |
| o o |
| . . o |
| . .S |
| o.E= |
| . o= o |
| O.== |
| .*=X+. |
+-----------------+
- Status: The certificate is NOT trusted. The certificate issuer is unknown.
*** PKI verification of server certificate failed...
- Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-256-GCM)
- Session ID: 53:BF:2F:D2:86:74:BD:BC:85:A8:67:12:0B:39:7A:12:EA:2F:91:1F:8E:06:5E:94:7F:20:11:4F:FC:51:60:8F
- Ephemeral EC Diffie-Hellman parameters
- Using curve: SECP256R1
- Curve size: 256 bits
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Cipher: AES-256-GCM
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
*** Fatal error: The TLS connection was non-properly terminated.
*** Server has terminated the connection abnormally.
Problema no resuelto relacionado : la configuración del servidor TLS está rota y vulnerable # 144
package-repositories
marcanuy
fuente
fuente
Respuestas:
La configuración del servidor en marmalade.org está rota: no sirve el certificado intermedio que está utilizando. Esto se ha señalado en media docena de problemas ahora en https://github.com/nicferrier/elmarmalade : no puedo discernir ninguna acción.
Entonces se puede decir que la mermelada está extinta.
Desafortunadamente, todavía no sé cómo hacer que el administrador de paquetes de Emacs vuelva a funcionar en presencia de este error.
fuente
Tengo que esto funcione descargando el archivo PEM para [Intermedio CA # 2] COMODO RSA Secure Organización Validación del servidor de CA (SHA-2) en
~/etc/tls/certificates/comodo.rsa.ca.intermediate.crt
y añadiendo lo siguiente a.emacs
:fuente