[arch-releng] ipxe.lkrn BIOS TLS issue
Anindya Mukherjee
anindya49 at hotmail.com
Wed Oct 2 02:21:22 UTC 2019
I can load the .ipxe script from Firefox and display the certificate details:
Serial: 04:45:82:E5:7F:72:A5:7A:C1:D5:E9:ED:8C:57:3C:1E:BB:B0
SHA-256: AD:8D:28:BE:3D:A1:40:FB:08:AB:4C:1F:1E:B5:8E:B0:3E:4F:4A:52:23:69:AB:85:41:2D:60:A7:C2:80:25:80
SHA1 25:95:32:0A:21:2E:CA:EA:43:AB:3F:1D:89:BF:9A:F7:D9:9E:59:F7
Does that help? The certificate can be viewed by loading https://www.archlinux.org/releng/netboot/archlinux.ipxe in Firefox (for example) and clicking the green padlock.
________________________________
From: Santiago Torres-Arias <santiago at archlinux.org>
Sent: October 1, 2019 4:44 PM
To: Arch Linux Release Engineering <arch-releng at archlinux.org>
Cc: Anindya Mukherjee <anindya49 at hotmail.com>
Subject: Re: [arch-releng] ipxe.lkrn BIOS TLS issue
On Tue, Oct 01, 2019 at 10:05:41PM +0000, Anindya Mukherjee via arch-releng wrote:
> The ipxe.lkrn image boots successfully but when it tries to access https://www.archlinux.org/releng/netboot/archlinux.ipxe it fails with "Operation not permitted". IPXE shows the error url http://ipxe.org/410de13c which points to a TLS issue (Fatal alert).
> Not sure how to proceed. The networking seems to be working fine. Typing route at the ipxe prompt shows an ip address has been assigned. Is there a certificate issue with ipxe.lkrn?
Looks to me that the certificate is not being trusted (similar to the
bug below):
https://bugs.archlinux.org/task/58470
Do you have the certificate that's being requested?
Cheers!
-Santiago/Sangy
More information about the arch-releng
mailing list