Re: pkg install -forge issues?

[Mike Miller]

On Fri, Dec 16, 2016 at 13:31:18 -0500, Nicholas Jankowski wrote:
> curl -v "https://www.gnu.org";
> 
> returns:
> 
> C:\Octave\octave-4.2.0-w64\bin>curl -v "https://www.gnu.org";
> * Rebuilt URL to: https://www.gnu.org/
> * timeout on name lookup is not supported
> *   Trying 208.118.235.148...
> * Connected to www.gnu.org (208.118.235.148) port 443 (#0)
> * ALPN, offering http/1.1
> * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
> * server certificate verification failed. CAfile: none CRLfile: none
> * Closing connection 0
> curl: (60) server certificate verification failed. CAfile: none CRLfile:
> none
> More details here: https://curl.haxx.se/docs/sslcerts.html
> 
> curl performs SSL certificate verification by default, using a "bundle"
>  of Certificate Authority (CA) public keys (CA certs). If the default
>  bundle file isn't adequate, you can specify an alternate file
>  using the --cacert option.
> If this HTTPS server uses a certificate signed by a CA represented in
>  the bundle, the certificate verification probably failed due to a
>  problem with the certificate (it might be expired, or the name might
>  not match the domain name in the URL).
> If you'd like to turn off curl's verification of the certificate, use
>  the -k (or --insecure) option.
> 
> 
> 
> 
> Is that it?

Yes, libcurl probably needs to be told where to find a CA certificate
store, and the octave.bat or other start up scripts probably need to set
that up.

The appropriate environment variable is CURL_CA_BUNDLE, which should
point to a single file containing a set of CA certificates in PEM
format. I don't see any reference to that variable in mxe-octave, and
when libcurl is cross-compiled there is no default path built in to the
library.

Please open a bug report about this.

-- 
mike