Closed ezzatron closed 2 years ago
Likewise :(
I also appear to have this issue on my 2020 M1 macbook pro
+1
Sorry, but I still have problems
Right after a fresh install (i.e. brew rm openssl-osx-ca && brew install --HEAD openssl-osx-ca
)
Name Status User File
openssl-osx-ca error 19968 /opt/homebrew/opt/openssl-osx-ca/homebrew.mxcl.openssl-osx-ca.plist
If I try to do a brew services restart openssl-osx-ca
, I get
❯ brew services
Name Status User File
openssl-osx-ca error 19968 andre ~/Library/LaunchAgents/homebrew.mxcl.openssl-osx-ca.plist
What is the right procedure to upgrade?
@raggi , it seems there was a typo in your service definition block for the Homebrew formula. As a result, it tries to call a binary that doesn't exist so this issue is still occurring.
I fixed it and opened a PR here: https://github.com/raggi/homebrew-ale/pull/2
@akelge , until this PR is merged, what you can do is run the following:
wget https://raw.github.com/gauthamchandra/homebrew-ale/master/openssl-osx-ca.rb
brew install --HEAD -s ./openssl-osx-ca.rb
This will install the patched version which should allow brew services start openssl-osx-ca
to run correctly
Brew no longer allows you to install a package directly from a URL for security reasons (hence the downloading of the formula manually via wget
).
Thank you for the fix, and sorry for the bug. As I said in the PR, there must be something broken on my test path - very appreciative of the PR!
I can confirm it works. I tried to fix it in the past, but the typo slipped out :) Thanks a lot
Too early: the service is running properly now, but it generates an empty cert.pem
.
If I run it manually
❯ /opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca /opt/homebrew/bin/brew
❯ ll /opt/homebrew/etc/openssl@1.1
total 608
-rw-rw-r-- 1 andre admin 277228 May 6 09:07 cert.pem
-rw-r--r-- 1 andre admin 412 Mar 22 21:20 ct_log_list.cnf
-rw-r--r-- 1 andre admin 412 Mar 22 21:20 ct_log_list.cnf.dist
drwxrwxr-x 7 andre admin 224 Dec 17 07:16 misc/
-rw-r--r-- 1 andre admin 10909 Mar 22 21:20 openssl.cnf
-rw-r--r-- 1 andre admin 10909 Mar 22 21:20 openssl.cnf.dist
The I launch the service
❯ brew services start openssl-osx-ca
==> Successfully started `openssl-osx-ca` (label: homebrew.mxcl.openssl-osx-ca)
Name Status User File
nomad none
openssl-osx-ca scheduled andre ~/Library/LaunchAgents/homebrew.mxcl.openssl-osx-ca.plist
❯ ll /opt/homebrew/etc/openssl@1.1
total 64
-rw-r--r-- 1 andre admin 0 May 6 09:08 cert.pem
-rw-r--r-- 1 andre admin 412 Mar 22 21:20 ct_log_list.cnf
-rw-r--r-- 1 andre admin 412 Mar 22 21:20 ct_log_list.cnf.dist
drwxrwxr-x 7 andre admin 224 Dec 17 07:16 misc/
-rw-r--r-- 1 andre admin 10909 Mar 22 21:20 openssl.cnf
-rw-r--r-- 1 andre admin 10909 Mar 22 21:20 openssl.cnf.dist
More info, adding some debug to the service
/opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca: line 76: osx-ca-certs: command not found
/opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca: line 76: osx-ca-certs: command not found
/opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca: line 76: osx-ca-certs: command not found
/opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca: line 76: osx-ca-certs: command not found```
Chanfing the plist file to this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeepAlive</key>
<true/>
<key>Label</key>
<string>homebrew.mxcl.openssl-osx-ca</string>
<key>ProgramArguments</key>
<array>
<string>/opt/homebrew/opt/openssl-osx-ca/bin/openssl-osx-ca</string>
<string>-path</string>
<string>/opt/homebrew/bin/osx-ca-certs</string>
<string>/opt/homebrew/bin/brew</string>
</array>
<key>RunAtLoad</key>
<false/>
<key>StartInterval</key>
<integer>3600</integer>
</dict>
</plist>
fixes the issue Shall I open a PR or can you take care of it?
Good catch on the empty cert file. It seems I never experienced this problem because I had a legacy dotfiles script manually generating it for me (and thus bypassing this logic altogether) 🤦🏼 🤦🏼
I can take a look now.
As I said in the PR, there must be something broken on my test path
@raggi, I have a feeling that you might have, at some point in time ran openssl
's bin/c_rehash
command using different certs because when I cleaned up my shell configs and ran brew test ./openssl-osx-ca.rb
, I got the following:
verify depth is 10
4330636672:error:0B084088:x509 certificate routines:X509_load_cert_crl_file:no certificate or crl found:crypto/x509/by_file.c:223:
Perhaps we can make the test a little bit more specific so that it doesn't take into account any previous configs or rehashes that have occurred. 🤔
Ok. Take 2 😄
PR opened here: https://github.com/raggi/homebrew-ale/pull/3/files and both brew test
and `manual testing seems to work correctly. Hopefully this should be the last fix we need to do to get it working 🤞🏼
I'm still getting this issue.
Ok. Take 2 😄
PR opened here: https://github.com/raggi/homebrew-ale/pull/3/files and both
brew test
and `manual testing seems to work correctly. Hopefully this should be the last fix we need to do to get it working 🤞🏼
Are you still using this fix? After I ran:
wget https://raw.github.com/gauthamchandra/homebrew-ale/master/openssl-osx-ca.rb
brew install --HEAD -s ./openssl-osx-ca.rb
I still get the Bootstrap failed 5 error when running brew services start openssl-osx-ca
I recently tried to start the service which I installed via Homebrew, and get this error:
All I could find via search was this possibly-related issue: https://github.com/Homebrew/brew/issues/11289
I'm running Big Sur on an Intel-based MBP. Please let me know if I can help out with any further details.