On Tuesday 28 April 2009, 10:08:26, you wrote: > Can you get apt-transport-https to generate debug logs?
yes, I attached a log after adding 'Debug::Acquire::https "true";' to the apt- conf.d/<mystuff> file. > If there isn't > code in it already, you may need to add something like this: I cannot add this in a simple way, main method/https.cc just invokes "curl_global_init(CURL_GLOBAL_SSL) ;" > It is difficult to debug this further without the information printed by > the gnutls log. I hope tah the attached log could be enough. -- ESC:wq -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Hit http://develop2 lenny Release.gpg * About to connect() to <random.url.com> port 443 (#0) * Trying <publicip>... * connected * Connected to <random.url.com> (<publicip>) port 443 (#0) Hit http://develop2 lenny Release * found 1 certificates in /etc/apt/certs/<random.url.com>-cacert.pem Ign http://develop2 lenny/main Packages/DiffIndex Hit http://develop2 lenny/main Packages * server certificate verification OK * common name: <random.url.com> (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * start date: Wed, 22 Apr 2009 13:02:50 GMT * expire date: Thu, 22 Apr 2010 13:02:50 GMT * issuer: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * compression: NULL * cipher: AES-128-CBC * MAC: SHA1 > GET /debian/dists/lenny/Release.gpg HTTP/1.1 User-Agent: Debian APT-CURL/1.0 (0.7.21) Host: <random.url.com> Accept: */* Cache-Control: max-age=0 * gnutls_handshake() failed: Decryption has failed. * GnuTLS recv error (-10): The specified session has been invalidated for some reason. * Connection #0 to host <random.url.com> left intact * Connection #0 seems to be dead! * Closing connection #0 * About to connect() to <random.url.com> port 443 (#0) * Trying <publicip>... * connected * Connected to <random.url.com> (<publicip>) port 443 (#0) * found 1 certificates in /etc/apt/certs/<random.url.com>-cacert.pem * server certificate verification OK * common name: <random.url.com> (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * start date: Wed, 22 Apr 2009 13:02:50 GMT * expire date: Thu, 22 Apr 2010 13:02:50 GMT * issuer: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * compression: NULL * cipher: AES-128-CBC * MAC: SHA1 > GET /debian/dists/lenny/Release HTTP/1.1 User-Agent: Debian APT-CURL/1.0 (0.7.21) Host: <random.url.com> Accept: */* If-Modified-Since: Tue, 28 Apr 2009 09:38:37 GMT Cache-Control: max-age=0 * gnutls_handshake() failed: Decryption has failed. * GnuTLS recv error (-10): The specified session has been invalidated for some reason. * Connection #0 to host <random.url.com> left intact Ign https://<random.url.com> lenny Release * Connection #0 seems to be dead! * Closing connection #0 * About to connect() to <random.url.com> port 443 (#0) * Trying <publicip>... * connected * Connected to <random.url.com> (<publicip>) port 443 (#0) * found 1 certificates in /etc/apt/certs/<random.url.com>-cacert.pem * server certificate verification OK * common name: <random.url.com> (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * start date: Wed, 22 Apr 2009 13:02:50 GMT * expire date: Thu, 22 Apr 2010 13:02:50 GMT * issuer: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * compression: NULL * cipher: AES-128-CBC * MAC: SHA1 > GET /debian/dists/lenny/main/binary-i386/Packages.diff/Index HTTP/1.1 User-Agent: Debian APT-CURL/1.0 (0.7.21) Host: <random.url.com> Accept: */* If-Modified-Since: Tue, 28 Apr 2009 09:38:38 GMT Cache-Control: max-age=0 * gnutls_handshake() failed: Decryption has failed. * GnuTLS recv error (-10): The specified session has been invalidated for some reason. * Connection #0 to host <random.url.com> left intact * Connection #0 seems to be dead! * Closing connection #0 * About to connect() to <random.url.com> port 443 (#0) * Trying <publicip>... * connected * Connected to <random.url.com> (<publicip>) port 443 (#0) * found 1 certificates in /etc/apt/certs/<random.url.com>-cacert.pem * server certificate verification OK * common name: <random.url.com> (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * start date: Wed, 22 Apr 2009 13:02:50 GMT * expire date: Thu, 22 Apr 2010 13:02:50 GMT * issuer: C=IT,ST=Italy,L=<random_city>,O=<randomcomp> Certification Authority,OU=R&D,CN=<random.url.com>,EMAIL=rd@<randomcomp>.com * compression: NULL * cipher: AES-128-CBC * MAC: SHA1 > GET /debian/dists/lenny/main/binary-i386/Packages.bz2 HTTP/1.1 User-Agent: Debian APT-CURL/1.0 (0.7.21) Host: <random.url.com> Accept: */* If-Modified-Since: Mon, 27 Apr 2009 15:17:23 GMT Cache-Control: max-age=0 * gnutls_handshake() failed: Decryption has failed. * GnuTLS recv error (-10): The specified session has been invalidated for some reason. * Connection #0 to host <random.url.com> left intact bzip2: (stdin) is not a bzip2 file. Err https://<random.url.com> lenny/main Packages Sub-process bzip2 returned an error code (2) Fetched 140B in 0s (266B/s) W: GPG error: https://<random.url.com> lenny Release: The following signatures were invalid: NODATA 1 NODATA 2 W: Failed to fetch https://<random.url.com>/debian/dists/lenny/main/binary-i386/Packages.bz2 Sub-process bzip2 returned an error code (2) E: Some index files failed to download, they have been ignored, or old ones used instead.
