Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
February 13, 2022 07:54 am GMT

OpenBSD pkg_add didn't work due to ocsp verify failed

What happend

Just after installing OpenBSD onto VirtulBox, I couldn't use syspatch and pkg_add due to the error:

$ doas pkg_add -u https://cdn.openbsd.org/pub/OpenBSD/7.0/packages-stable/amd64/: TLS handshake failure: ocsp verify failed: ocsp response not currenthttps://cdn.openbsd.org/pub/OpenBSD/7.0/packages/amd64/: TLS handshake failure: ocsp verify failed: ocsp response not currenthttps://cdn.openbsd.org/pub/OpenBSD/7.0/packages/amd64/: empty

Nevertheless ping cdn.openbsd.org was successful.

Solution

I modified /etc/installurl:

$ doas vi /etc/installurl

to switch to the FTP server:

- https://cdn.openbsd.org/pub/OpenBSD+ https://ftp.openbsd.org/pub/OpenBSD

Then it turned successful.

$ doas pkg_add -uquirks-4.54 signed on 2022-02-12T18:54:43Zquirks-4.54: ok

Why happend (guess)

After a while (an hour), I reverted /etc/installurl:

- https://ftp.openbsd.org/pub/OpenBSD+ https://cdn.openbsd.org/pub/OpenBSD

It didn't bring any error:

$ doas pkg_add -uquirks-4.54 signed on 2022-02-12T18:54:43Z

To my surprise, It may have been fixed over time.

I guess it was because ntp status. I perhaps had never met the failure when installing OpenBSD onto physical server.

For information, the ntp status was below after the failure had been fixed:

$ doas ntpctl -s status5/5 peers valid, constraint offset -32564s, clock unsynced, clock offset is -32561707.819ms

Original Link: https://dev.to/nabbisen/openbsd-pkgadd-didnt-work-due-to-ocsp-verify-failed-53b2

Share this article:    Share on Facebook
View Full Article

Dev To

An online community for sharing and discovering great ideas, having debates, and making friends

More About this Source Visit Dev To