GNU bug report logs -
#50921
GNU ELPA TLS errors: server is returning chain with expired root
Previous Next
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 50921 in the body.
You can then email your comments to 50921 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Thu, 30 Sep 2021 20:25:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
John Cummings <john <at> rootabega.net>:
New bug report received and forwarded. Copy sent to
bug-gnu-emacs <at> gnu.org.
(Thu, 30 Sep 2021 20:25:01 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
I'm not sure if we are supposed to report infrastructure problems as Emacs bugs, but it should be easy to close if not. I, and at least a few others, have had TLS connection problems to GNU ELPA in the last day or two, with the errors:
|Issued by: R3
|Issued to: CN=elpa.gnu.org
|Hostname: elpa.gnu.org
|Public key: RSA, signature: RSA-SHA256
|Protocol: TLS1.3, key: ECDHE-RSA, cipher: AES-256-GCM, mac: AEAD
|Security level: Medium
|Valid: From 2021-09-28 to 2021-12-27
|
|
|The TLS connection to elpa.gnu.org:443 is insecure for the following
|reasons:
|
|certificate has expired
|certificate could not be verified
It appears that elpa.gnu.org is returning a certificate chain referring to a root certificate that expired today. (More info: https://twitter.com/letsencrypt/status/1443621997288767491) I don't know if GnuTLS is supposed to be able to work around this (Firefox seems to, for instance), but I think it's a safe bet this is the cause of these connection errors.
I confirmed the chain that Emacs is seeing a couple ways. In Emacs 28, the security prompt lets you view certificate details by hitting "d", and in that window I confirmed it is seeing the root cert "CN=DST Root CA X3,O=Digital Signature Trust Co."
I also attached the chain I got by running:
openssl s_client -showcerts -servername elpa.gnu.org -connect elpa.gnu.org:443
Thanks!
[chain.pem (application/x-x509-ca-cert, attachment)]
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Thu, 30 Sep 2021 20:48:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 50921 <at> debbugs.gnu.org (full text, mbox):
John Cummings <john <at> rootabega.net> wrote:
> It appears that elpa.gnu.org is returning a certificate chain referring
> to a root certificate that expired today. (More info:
> https://twitter.com/letsencrypt/status/1443621997288767491) I don't know
> if GnuTLS is supposed to be able to work around this (Firefox seems to, for instance)
One possibility (and note here that I'm clearly not a TLS expert) is that
Firefox recognizes the intermediate cert "ISRG Root X1" as one that is also
now a trusted root cert, and so short circuits the rest of the chain,
ignoring the expired cross-signature. Is this something that is possible
and desirable to have Emacs do with GnuTLS?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Thu, 30 Sep 2021 21:04:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 50921 <at> debbugs.gnu.org (full text, mbox):
John Cummings <john <at> rootabega.net> writes:
> John Cummings <john <at> rootabega.net> wrote:
>
>> It appears that elpa.gnu.org is returning a certificate chain referring
>> to a root certificate that expired today. (More info:
>> https://twitter.com/letsencrypt/status/1443621997288767491) I don't know
>> if GnuTLS is supposed to be able to work around this (Firefox seems to, for instance)
>
> One possibility (and note here that I'm clearly not a TLS expert) is that
> Firefox recognizes the intermediate cert "ISRG Root X1" as one that is also
> now a trusted root cert, and so short circuits the rest of the chain,
> ignoring the expired cross-signature. Is this something that is possible
> and desirable to have Emacs do with GnuTLS?
Not only that: I deleted the offending line from my ~/.ssh/known_hosts,
re-accepted the key as valid (of course I have no idea), and attempted
to pull, and it asked me for my Savannah password -- ie, did not go to
my local ssh key.
That really made me wonder -- does that mean we've switched machines
altogether, and the new machines don't have our public keys? I don't
know how all these things work well enough to know what's going on, but
it certainly seems broken.
Reply sent
to
Eli Zaretskii <eliz <at> gnu.org>:
You have taken responsibility.
(Fri, 01 Oct 2021 05:51:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
John Cummings <john <at> rootabega.net>:
bug acknowledged by developer.
(Fri, 01 Oct 2021 05:51:02 GMT)
Full text and
rfc822 format available.
Message #16 received at 50921-done <at> debbugs.gnu.org (full text, mbox):
> Date: Thu, 30 Sep 2021 20:24:28 +0000
> From: John Cummings <john <at> rootabega.net>
>
> I'm not sure if we are supposed to report infrastructure problems as Emacs bugs, but it should be easy to close if not. I, and at least a few others, have had TLS connection problems to GNU ELPA in the last day or two, with the errors:
>
> |Issued by: R3
> |Issued to: CN=elpa.gnu.org
> |Hostname: elpa.gnu.org
> |Public key: RSA, signature: RSA-SHA256
> |Protocol: TLS1.3, key: ECDHE-RSA, cipher: AES-256-GCM, mac: AEAD
> |Security level: Medium
> |Valid: From 2021-09-28 to 2021-12-27
> |
> |
> |The TLS connection to elpa.gnu.org:443 is insecure for the following
> |reasons:
> |
> |certificate has expired
> |certificate could not be verified
>
> It appears that elpa.gnu.org is returning a certificate chain referring to a root certificate that expired today. (More info: https://twitter.com/letsencrypt/status/1443621997288767491) I don't know if GnuTLS is supposed to be able to work around this (Firefox seems to, for instance), but I think it's a safe bet this is the cause of these connection errors.
It isn't our issue, it's a possible issue with gnu.org infrastructure
and "older" TLS libraries. The issue is known to GNU sysadmins and
they are working on it. However, what they advise is to upgrade your
TLS libraries. Here's a quote from what they told me:
[GNU machines] have a lets encrypt cert that is valid, it seems some
older tls libraries dont like that is has 2 alternate intermediate
certificates and one of them expired.
So this is not an Emacs problem, and I'm therefore closing this bug.
If you want to pursue this further, please write to sysadmin <at> gnu.org.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 15:35:01 GMT)
Full text and
rfc822 format available.
Message #19 received at 50921 <at> debbugs.gnu.org (full text, mbox):
Nice summary of what I assume is the same issue at:
http://savannah.nongnu.org/forum/forum.php?forum_id=10054
If you are experiencing invalid certificate chain problems with Let's
Encrypt certificates (not a Savannah problem) then please upgrade
your client to the latest security patches for your system.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 19:51:02 GMT)
Full text and
rfc822 format available.
Message #22 received at 50921 <at> debbugs.gnu.org (full text, mbox):
Glenn Morris <rgm <at> gnu.org> writes:
> Nice summary of what I assume is the same issue at:
>
> http://savannah.nongnu.org/forum/forum.php?forum_id=10054
>
> If you are experiencing invalid certificate chain problems with Let's
> Encrypt certificates (not a Savannah problem) then please upgrade
> your client to the latest security patches for your system.
FWIW I had to disable strict checking for this host in order to get ssh
to connect. I'm on Arch Linux, which has no old libraries: if anything,
it's what everyone else can expect in the future.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 20:22:01 GMT)
Full text and
rfc822 format available.
Message #25 received at 50921 <at> debbugs.gnu.org (full text, mbox):
Since gnu.org has replied to this bug, seemingly on behalf of GNU, I feel fine continuing the dialog. Is there a reason that GNU/FSF wants the servers to present this cert chain?
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 21:29:02 GMT)
Full text and
rfc822 format available.
Message #28 received at 50921 <at> debbugs.gnu.org (full text, mbox):
?
ssh is unrelated to https, so I think whatever issue you are talking
about is unrelated to the topic of this report.
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 21:39:01 GMT)
Full text and
rfc822 format available.
Message #31 received at 50921 <at> debbugs.gnu.org (full text, mbox):
Glenn Morris wrote:
> ssh is unrelated to https, so I think whatever issue you are talking
> about is unrelated to the topic of this report.
Perhaps your issue is:
https://savannah.nongnu.org/support/?110545
Information forwarded
to
bug-gnu-emacs <at> gnu.org:
bug#50921; Package
emacs.
(Mon, 04 Oct 2021 21:48:01 GMT)
Full text and
rfc822 format available.
Message #34 received at 50921 <at> debbugs.gnu.org (full text, mbox):
On 10/04/21 17:38 PM, Glenn Morris wrote:
> Glenn Morris wrote:
>
>> ssh is unrelated to https, so I think whatever issue you are talking
>> about is unrelated to the topic of this report.
Gah, you're right, I was confusing the two issues (I started getting the
angry SSH banner about the fingerprint change right at the same time as
the TLS issue was raised, and conflated them in my head).
> Perhaps your issue is:
> https://savannah.nongnu.org/support/?110545
I _also_ had that issue. I ended up solving it by creating a new ssh key
that used ED25519 and using that for my account instead. That worked
fine.
Sorry for the noise,
Eric
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Tue, 02 Nov 2021 11:24:06 GMT)
Full text and
rfc822 format available.
This bug report was last modified 2 years and 176 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.