[Rd] checking https certificates

Jeroen Ooms jeroen.ooms at stat.ucla.edu
Thu Mar 10 21:07:49 CET 2016


It looks like the https certificate on r-project.org is currently
expired. I am sure sysadmin in Vienna is on it, but perhaps we can
prevent this from happening again by adding a check in R or the mirror
report [1] to warn about mirrors with https certs that are about to
expire:

  library(openssl)
  certs <- download_ssl_cert("r-project.org")
  cert_verify(certs)
  # Error in cert_verify_cert(cert[[1]], cert[-1], root) :
  #   Certificate validation failed: certificate has expired
  as.list(certs[[1]])$validity
  # [1] "Mar 10 17:14:13 2014 GMT" "Mar 10 17:14:13 2016 GMT"

PS: the cert that is deployed on r-forge.r-project.org is valid for
*.r-project.org and is valid until 2018 so that should make an easy
fix:

  cert <- download_ssl_cert("r-forge.r-project.org")
  cert_verify(cert)
  as.list(cert[[1]])


[1] https://cran.rstudio.com/mirmon_report.html



More information about the R-devel mailing list