# pkg: initial install fails (valid certificate missing)



## EastPipe82 (Dec 30, 2022)

Hi all,

I tried to install FreeBSD on my MacBook... installation completed without errors, reboot, everything's fine.
Over the course of installing gnome I have to install pkg first. During bootstrapping the system displays:

"No trusted fingerprint found matching package's certificate."

After deactivating "signature_type" and "fingerprints" in FreeBSD.conf following is shown:

"pkg: archive_read_open_fd: Unrecognized archive format"

Which step is missing? I have no further ideas, sorry.


Thanks for helping!


----------



## SirDice (Dec 30, 2022)

EastPipe82 said:


> I tried to install FreeBSD on my MacBook.


What version of FreeBSD?


----------



## EastPipe82 (Dec 30, 2022)

13.1


----------



## SirDice (Dec 31, 2022)

EastPipe82 said:


> After deactivating "signature_type" and "fingerprints" in FreeBSD.conf


Undo this please. They're there to ensure you're getting the proper FreeBSD packages. 



EastPipe82 said:


> "No trusted fingerprint found matching package's certificate."


This leads me to believe you might be using a dodgy mirror?

What does `pkg bootstrap -f` do?


----------



## EastPipe82 (Dec 31, 2022)

Thank You for Your quick reply!
I've undone it afterwards - just for troubleshooting.

pkg bootstrap -f said:
"Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait...
  No trusted fingerprint found matching package's certificate"

I already tried to change from quarterly to latest - same outcome.


----------



## SirDice (Dec 31, 2022)

The /etc/pkg/FreeBSD.conf should look like this:

```
FreeBSD: {
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkg",
  enabled: yes
}
```

Fingerprints are preinstalled and should be good.

This is a brand new install right? In the off chance it has something to do with recent patches I would suggest trying to update FreeBSD itself first; `freebsd-update fetch install`. You should have a 13.1-RELEASE-p3 kernel and a 13.1-RELEASE-p5 userland.


----------



## EastPipe82 (Dec 31, 2022)

SirDice said:


> The /etc/pkg/FreeBSD.conf should look like this:
> 
> ```
> FreeBSD: {
> ...


Exactly, that's the current configuration.



SirDice said:


> This is a brand new install right? In the off chance it has something to do with recent patches I would suggest trying to update FreeBSD itself first; `freebsd-update fetch install`. You should have a 13.1-RELEASE-p3 kernel and a 13.1-RELEASE-p5 userland.


Correct - brand new installed system.
I'll try to update BSD next - thank's!

Interesting progress:

"2 mirrors found.
  Fetching public key from update2.freebsd.org... key has incorrect hash.
  Fetching public key from update1.freebsd.org... key has incorrect hash.
  No mirrors remaining, giving up.

  This may be because upgrading from this platform (amd64) or release (13.1-RELEASE) is unsupported by freebsd-update.
  Only platforms with Tier1 support can be upgraded."


----------



## EastPipe82 (Dec 31, 2022)

"#freebsd-version -uk
   13.1-RELEASE
   13.1-RELEASE"


----------



## SirDice (Dec 31, 2022)

Where did you get the FreeBSD installer from? Is there perhaps a proxy in your path that might mangle downloads?


----------



## cracauer@ (Dec 31, 2022)

Is maybe the clock very off? That makes certificates fail.


----------



## EastPipe82 (Dec 31, 2022)

SirDice said:


> Where did you get the FreeBSD installer from?


The official download portal https://www.freebsd.org/de/where/.



SirDice said:


> Is there perhaps a proxy in your path that might mangle downloads?


Actually not... I'll still clarify that . Up to here thank You very much!


----------



## EastPipe82 (Dec 31, 2022)

cracauer@ said:


> Is maybe the clock very off? That makes certificates fail.


That's it, tank's! NTP smashes the system clock.

Fixing that and everything's fine!

SirDice & cracauer@ 
I'm grateful and wishing a Happy New Year!


----------



## EastPipe82 (Dec 31, 2022)

#freebsd-version -uk
  13.1-RELEASE-p3
  13.1-RELEASE-p5


----------



## cracauer@ (Dec 31, 2022)

Happy New Year to you, too.


----------

