February 13, 2022 07:54 am GMT
Original Link: https://dev.to/nabbisen/openbsd-pkgadd-didnt-work-due-to-ocsp-verify-failed-53b2
OpenBSD pkg_add didn't work due to ocsp verify failed
What happend
Just after installing OpenBSD onto VirtulBox, I couldn't use syspatch
and pkg_add
due to the error:
$ doas pkg_add -u https://cdn.openbsd.org/pub/OpenBSD/7.0/packages-stable/amd64/: TLS handshake failure: ocsp verify failed: ocsp response not currenthttps://cdn.openbsd.org/pub/OpenBSD/7.0/packages/amd64/: TLS handshake failure: ocsp verify failed: ocsp response not currenthttps://cdn.openbsd.org/pub/OpenBSD/7.0/packages/amd64/: empty
Nevertheless ping cdn.openbsd.org
was successful.
Solution
I modified /etc/installurl
:
$ doas vi /etc/installurl
to switch to the FTP server:
- https://cdn.openbsd.org/pub/OpenBSD+ https://ftp.openbsd.org/pub/OpenBSD
Then it turned successful.
$ doas pkg_add -uquirks-4.54 signed on 2022-02-12T18:54:43Zquirks-4.54: ok
Why happend (guess)
After a while (an hour), I reverted /etc/installurl
:
- https://ftp.openbsd.org/pub/OpenBSD+ https://cdn.openbsd.org/pub/OpenBSD
It didn't bring any error:
$ doas pkg_add -uquirks-4.54 signed on 2022-02-12T18:54:43Z
To my surprise, It may have been fixed over time.
I guess it was because ntp status. I perhaps had never met the failure when installing OpenBSD onto physical server.
For information, the ntp status was below after the failure had been fixed:
$ doas ntpctl -s status5/5 peers valid, constraint offset -32564s, clock unsynced, clock offset is -32561707.819ms
Original Link: https://dev.to/nabbisen/openbsd-pkgadd-didnt-work-due-to-ocsp-verify-failed-53b2
Share this article:
Tweet
View Full Article
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To