<div dir="ltr"><div><div>I noticed this as well, since my work VPN does fairly strict certificate checking and didn't allow me to connect to any <a href="http://haskell.org">haskell.org</a> urls due to this.<br><br></div>I'm not sure about the right list, I've added <a href="mailto:admin@haskell.org">admin@haskell.org</a> to the CC list.<br><br></div>Erik<br></div><div class="gmail_extra"><br><div class="gmail_quote">On 18 December 2016 at 07:12, Edward Z. Yang <span dir="ltr"><<a href="mailto:ezyang@mit.edu" target="_blank">ezyang@mit.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">See: <a href="https://www.sslshopper.com/ssl-checker.html#hostname=www.haskell.org" rel="noreferrer" target="_blank">https://www.sslshopper.com/<wbr>ssl-checker.html#hostname=www.<wbr>haskell.org</a><br>
<br>
This is causing curl to fail to download it:<br>
<br>
ezyang@sabre:~/Downloads$ curl  <a href="https://www.haskell.org/cabal/release/cabal-install-1.24.0.0/cabal-install-1.24.0.0-x86_64-unknown-mingw32.zip" rel="noreferrer" target="_blank">https://www.haskell.org/cabal/<wbr>release/cabal-install-1.24.0.<wbr>0/cabal-install-1.24.0.0-x86_<wbr>64-unknown-mingw32.zip</a><br>
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-<wbr>certificates.crt CRLfile: none<br>
More details here: <a href="http://curl.haxx.se/docs/sslcerts.html" rel="noreferrer" target="_blank">http://curl.haxx.se/docs/<wbr>sslcerts.html</a><br>
<br>
curl performs SSL certificate verification by default, using a "bundle"<br>
 of Certificate Authority (CA) public keys (CA certs). If the default<br>
 bundle file isn't adequate, you can specify an alternate file<br>
 using the --cacert option.<br>
If this HTTPS server uses a certificate signed by a CA represented in<br>
 the bundle, the certificate verification probably failed due to a<br>
 problem with the certificate (it might be expired, or the name might<br>
 not match the domain name in the URL).<br>
If you'd like to turn off curl's verification of the certificate, use<br>
 the -k (or --insecure) option.<br>
<br>
Apologies if this is the wrong list.<br>
<br>
Thanks,<br>
Edward<br>
______________________________<wbr>_________________<br>
ghc-devs mailing list<br>
<a href="mailto:ghc-devs@haskell.org">ghc-devs@haskell.org</a><br>
<a href="http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs" rel="noreferrer" target="_blank">http://mail.haskell.org/cgi-<wbr>bin/mailman/listinfo/ghc-devs</a><br>
</blockquote></div><br></div>