Emacs, GnuTLS, and DST Root CA X3
Jib Style
jibstyle209@gmail.com
Tue Oct 5 08:22:22 GMT 2021
Several days ago, root certificate "DST Root CA X3" expired, breaking
TLS for many clients. I believe the lastest version of GnuTLS available
on Cygwin (3.6.9, 2 years ago) is impacted. Is anyone able to publish a
newer version of this package?
This impacts me as I use Cygwin Emacs and can no longer open TLS
connections to many hosts for the purposes of web browsing and
newsgroups. I believe all other Cygwin Emacs users would be impacted
also.
Repro steps:
1. Install Cygwin default packages.
2. Install Cygwin package emacs-w32 27.2-1.
3. In Cygwin terminal: emacs -nw -Q
4. In Emacs: M-: (url-retrieve-synchronously "https://gnu.org")
Expected: Emacs should load webpage and return a buffer.
Actual: Emacs network security manager says certificate expired/could
not be verified.
After discussing this in the #emacs Libera.chat IRC, the consensus was
that the old GnuTLS version is to blame, and that a newer version would
fix the problem.
Does anyone have similar issues or tips on how to resolve? Thank you.
More information about the Cygwin
mailing list