Joseph Mingrone
8 years ago
Hi,
When trying to connect to news.gname.org [1], GnuTLS complains about the
certificate [2]. A workaround is to download the certificate and update
`gnutls-trustfiles' to point to it. But, now that Let's Encrypt offers
free certificates, could Gmane use a certificate issued by a recognized
authority?
Thanks,
Joseph
[1]
(setq (gnus-secondary-select-methods
'((nntp "news.gmane.org"
(nntp-port-number 563)
(nntp-open-connection-function nntp-open-tls-stream))))
[2]
Checking new news...
gnutls.c: [1] (Emacs) connecting to host: news.gmane.org
gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) setting the trustfile: /usr/local/share/certs/ca-root-nss.crt
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
gnutls.c: [1] (Emacs) got non-default priority string: NORMAL
gnutls.c: [1] (Emacs) setting the priority string
gnutls.c: [2] HSK[0x3202000]: sent server name: 'news.gmane.org'
gnutls.c: [1] (Emacs) non-fatal error: Resource temporarily unavailable, try again. [5358 times]
gnutls.c: [2] GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
gnutls.c: [1] (Emacs) verification: certificate was signed with an insecure algorithm
gnutls.c: [1] (Emacs) verification: the certificate was signed by an unknown and therefore untrusted authority
gnutls.c: [1] (Emacs) verification: certificate could not be verified
When trying to connect to news.gname.org [1], GnuTLS complains about the
certificate [2]. A workaround is to download the certificate and update
`gnutls-trustfiles' to point to it. But, now that Let's Encrypt offers
free certificates, could Gmane use a certificate issued by a recognized
authority?
Thanks,
Joseph
[1]
(setq (gnus-secondary-select-methods
'((nntp "news.gmane.org"
(nntp-port-number 563)
(nntp-open-connection-function nntp-open-tls-stream))))
[2]
Checking new news...
gnutls.c: [1] (Emacs) connecting to host: news.gmane.org
gnutls.c: [1] (Emacs) allocating credentials
gnutls.c: [2] (Emacs) allocating x509 credentials
gnutls.c: [2] (Emacs) using default verification flags
gnutls.c: [1] (Emacs) setting the trustfile: /usr/local/share/certs/ca-root-nss.crt
gnutls.c: [1] (Emacs) gnutls callbacks
gnutls.c: [1] (Emacs) gnutls_init
gnutls.c: [1] (Emacs) got non-default priority string: NORMAL
gnutls.c: [1] (Emacs) setting the priority string
gnutls.c: [2] HSK[0x3202000]: sent server name: 'news.gmane.org'
gnutls.c: [1] (Emacs) non-fatal error: Resource temporarily unavailable, try again. [5358 times]
gnutls.c: [2] GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
gnutls.c: [1] (Emacs) verification: certificate was signed with an insecure algorithm
gnutls.c: [1] (Emacs) verification: the certificate was signed by an unknown and therefore untrusted authority
gnutls.c: [1] (Emacs) verification: certificate could not be verified