Error while updating

On Opensuse tumbleweed the following persistent error

Download error (curl) for ‘’:
Error Code: Loop Error 60
Error message: SSL certificate problem: Unable to get local issuer certificate

Is this due to the passage of certificates in 4096 bits recently?
This error is blocking for updates.

1 Like

Hello there @sylvainM please accept my apologies for this issue. Could you please try installing the update from our release channel?

yes it’s already done since that’s how I installed Brave.
zypper up
returns among other things

Repository ‘Brave Browser’ is invalid.
[brave-browser|] Valid metadata not found at specified URL

It’s blocking.

I know that the certificates have recently changed to 4096 bits, is this related?

1 Like

Probably not?

$ openssl s_client -connect 2>/dev/null | fgrep bit
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
Server Temp Key: X25519, 253 bits
Server public key is 2048 bit

Not totally sure what curl is complaining about here, but my first guess would be that it can’t verify the site’s certificate chain; and in most cases, when dealing with public CAs, this is some kind of an issue with the local certificate store.

Does curl work properly when fetching other random public sites?

Yes all other repositories are working again except Brave and vsc.
This link is from an Opensuse forum post

New 4096 bit RSA signing key for Tumbleweed
23. Jan 2023 | Marcus Meissner | CC-BY-SA-3.0

RPM and repository signing key of Tumbleweed

Almost certainly they are talking about the GPG key used to sign the distro packages hosted in their own repository.

It’s possible, it’s a clue.
The problem with the Brave repository is not solved.
The error is still the same as I write to you.

No update possible.

Well of course, nothing has been changed so I would expect the behavior to continue.

On that same system what happens if you browse (with Brave, Chrome, or Chromium) to the same URL?

And if you also have Firefox on that system, what happens with the same URL in that browser?

You can also try this:


The error at this address with both browsers is:
This XML file does not appear to have any style information associated with it. The document tree is shown below.

I notice that the ckecksum is in sha256 while the signatures are in 4096 bits since January 23, 2023.

The solution from the link works and there was just an update from Brave.


1 Like

Unfortunately this error returns after a restart of the machine.
The only way to solve is to enter the command again:


for the refresh to consider the Brave repository for updates.

I put the command in my crontab on startup.


Please try installing the Beta or Nightly version of Brave to see if the issue persists on those versions.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.