error in periodic output, fetching leap-seconds.list

pez

Member

Reaction score: 7
Messages: 46

I've recently started getting an error in my periodic output email.
Code:
Certificate verification failed for /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
34374371912:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/s3_clnt.c:1269:
fetch: https://www.ietf.org/timezones/data/leap-seconds.list: Authentication error
I have ca_root_nss installed. I can reproduce the problem by doing service ntpd onefetch.
This is FreeBSD 11.2-RELEASE, my other vm's and physical servers which are the same version do not have the same problem, but this one was installed with 11.2-RELEASE while the others have all been upgraded from earlier versions.

It's not critical, I don't even have ntpd(8) enabled in rc.conf.

Any suggestions would be appreciated.
regards
andrew
 

ShelLuser

Son of Beastie

Reaction score: 1,738
Messages: 3,556

I cannot reproduce any errors so this seems like a localized problem at first. However... What is the output of grep server /etc/ntp.conf?
 
OP
OP
pez

pez

Member

Reaction score: 7
Messages: 46

ok thanks, here's the output, only comments

regards
andrew

# Default NTP servers for the FreeBSD operating system.
# Set the target and limit for adding servers configured via pool statements
# Ntpd automatically adds maxclock-1 servers from configured pools, and may
# servers are providing good consistant time.
# The following pool statement will give you a random set of NTP servers
# servers from the pool, according to the tos minclock/maxclock targets.
# users with a static IP and good upstream NTP servers to add a server
# If you want to pick yourself which country's public NTP server
# To configure a specific server, such as an organization-wide local
# server, add lines similar to the following. One or more specific
# servers can be configured in addition to, or instead of, any server
# the specific servers, then adds servers from the pool until the tos
#server time.my-internal.org iburst
# In this case, all remote NTP time servers also need to be explicitly
# this server.
# Please note that this example doesn't work for the servers in
# If a server loses sync with all upstream servers, NTP clients
# no longer follow that server. The local clock can be configured
# be configured on just one server on a network. For more details see
#server 127.127.1.0
 

Datapanic

Well-Known Member

Reaction score: 180
Messages: 375

the default /etc/ntp.conf does not use the server definition, that's going to be commented out. It uses the pool instead, the default being pool 0.freebsd.pool.ntp.org iburst
 
OP
OP
pez

pez

Member

Reaction score: 7
Messages: 46

yeah already have done that. that's my problem, that is installed and i still have the error
 
Top