New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update cacert.pem to latest version #4296
Conversation
Sync Master with Joomla's
Same should be patched https://github.com/joomla-framework/http/blob/master/src/Transport/cacert.pem |
Done: Thanks! |
👍 |
Let's see which team is quicker at merging :P |
Now that's no fair. It's physically impossible for one person to click two merge buttons at once :-P |
Update cacert.pem to latest version
:D Thanks Michael! |
I"m not 100% sure about this, but since the Joomla 3.3.4 update, which included this cacert update, The Joomla Update Manager and Install From Web are generating certificate errors: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed This is when attempting to download a zip file from Amazon S3, in this case specifically - https://jce2.s3.amazonaws.com/updates/com_jce_243.zip When the URL for the update is changed to a Windows Azure blob - https://jce.blob.core.windows.net/updates/com_jce_243.zip - no errors are generated and the extension installs. |
Hi Ryan, All I did was grab the latest file from http://curl.haxx.se/ca/cacert.pem (the official source) and use it instead. Could you check that the issue doesn't occur in 3.3.3? It might just be a coincidence that you're getting this now after 3.3.4's release (not saying that's the case, but worth checking). |
I just tried install from web on 3.3.3 and 3.3.4 with the url that you said wasnt working using google chrome on osx and I had no issue |
Thanks Brian! By the way, I think it's dependent on the server environment that Joomla is installed on. If the latest certificate (of the server hosting the file) isn't in libraries/joomla/http/transport/cacert.pem and the server (that's downloading the file) doesn't have it either, the error will trigger. However, if the server that's downloading the file does have the certificate, it won't trigger. The best thing to do, if possible, is contribute the updated certificate to the cacert.pem source: However, I don't know where we could do that and if Mozilla even accepts contributions for it. |
Quite right I forgot that. On 25 September 2014 20:05, Nick Savov notifications@github.com wrote:
Brian Teeman |
Source: http://curl.haxx.se/ca/cacert.pem