Gene> OK, first the environment variable ... this does not work!
Gene> export CURL_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt
Gene> set
Gene> <deleted>
Gene> CURL_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt
Gene> <deleted>
Gene> bzr launchpad-login gene-czarc
Gene> bzr: ERROR: pycurl.error: (60, 'Peer certificate cannot
Gene> be authenticated with known CA certificates')
I'd guess launchpad uses a certificate that is used by a
Certificate Authority (CA) which is not described in
/etc/pki/tls/certs/ca-bundle.crt.
If you can connect to launchpad.net from a browser, getting the
CA should be easy, then you can check that it appears in
/etc/pki/tls/certs/ca-bundle.crt.
A work-around will then be to get that CA certificate, put it in
a file in the right format and gives *that* file path to
CURL_CA_BUNDLE.
The underlying problem being that the responsibility of
distributing the CA certificates is viewed differently between
distributions and browsers (which are the main users).
>>>>> "Gene" == Gene Czarcinski <email address hidden> writes:
Gene> OK, first the environment variable ... this does not work! BUNDLE= /etc/pki/ tls/certs/ ca-bundle. crt BUNDLE= /etc/pki/ tls/certs/ ca-bundle. crt
Gene> export CURL_CA_
Gene> set
Gene> <deleted>
Gene> CURL_CA_
Gene> <deleted>
Gene> bzr launchpad-login gene-czarc
Gene> bzr: ERROR: pycurl.error: (60, 'Peer certificate cannot
Gene> be authenticated with known CA certificates')
I'd guess launchpad uses a certificate that is used by a tls/certs/ ca-bundle. crt.
Certificate Authority (CA) which is not described in
/etc/pki/
If you can connect to launchpad.net from a browser, getting the tls/certs/ ca-bundle. crt.
CA should be easy, then you can check that it appears in
/etc/pki/
A work-around will then be to get that CA certificate, put it in
a file in the right format and gives *that* file path to
CURL_CA_BUNDLE.
The underlying problem being that the responsibility of
distributing the CA certificates is viewed differently between
distributions and browsers (which are the main users).