hg ignores corporate root CA installed in /usr/share/ca-certificates
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| mercurial (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
I have installed a corporate root CA using the instructions here:
http://
While this has allowed wget and curl to verify the certificate of an internal website, hg still says "abort [...] certificate verify failed". But it should not say that, because it is configured (by default) to look at the certificates in ca-certificates.
A notable difference between this root certificate and all the others (which are all shipped with Ubuntu), is that the others are all in text format, whereas this new root cert is in binary format.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: mercurial 2.0.2-1ubuntu1
ProcVersionSign
Uname: Linux 3.2.0-24-
NonfreeKernelMo
ApportVersion: 2.0.1-0ubuntu7
Architecture: i386
Date: Mon May 14 17:34:42 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release i386 (20110427.1)
ProcEnviron:
LANGUAGE=en_GB:en
TERM=xterm
PATH=(custom, user)
LANG=en_GB.UTF-8
SHELL=/bin/bash
SourcePackage: mercurial
UpgradeStatus: Upgraded to precise on 2012-04-27 (17 days ago)
| Robin Green (greenrd) wrote | #1 |
| Robin Green (greenrd) wrote | #2 |
OK, I see that binary cert formats are officially not supported by hg. But I installed a text version of the root CA and it still didn't work.