[WARM]

Hello,

I’ve encountered an issue after installing chrony on a fresh install of ArchLinux ARM on oDroid XU4 along with a [code]pacman -Syu[/code] update. Chrony successfully queries using secure NTP, but receive the following odd error when testing the following command:
[code]chronyd -Q -t 3 “server time.cloudflare.com iburst nts maxsamples 1”[/code]

Error:
[code]TLS handshake with 162.159.200.123:4460 (time.cloudflare.com) failed : Error in the certificate verification. The certificate is NOT trusted. The certificate chain uses not yet valid certificates.[/code]

After searching the forum, I’m uncertain if this issue is connected with compilation of the package (akin to [url]make_clickable_callback(MAGIC_URL_LOCAL, ' ', 'https://archlinuxarm.org/forum', 'viewtopic.php?f=57&t=16070&start=10&hilit=certificates', ' class="postlink-local"')[/url]). I have confirmed that the system clock and RTC reflects the current time within a small margin of error and installed the [code]ca-certificates[/code] package.

I appreciate the time in advance.

[WARM]

One update: despite running [code]pacman -Syu[/code] off new install of [code]ArchLinuxARM-odroid-xu3-latest.tar.gz[/code], the system still runs kernel 4.14.180-3. I’m happy to update to something closer to the 6.6 current kernel version that may help, but is there a reason why current builds continue to use the old kernel for compatibility reasons?

Apologies, but I’ve only recently switched to ArchLinux as Fedora discontinued ARM development, so I’m probably just out of touch.

[WARM]

I was able to update the kernel to 6.2.10-1-ARCH (if helpful for anyone, using [code]pacman -Syu linux-armv7 [/code] replaced the xu3 kernel package, enabling more current kernel.

All that said, the original issue posted in this thread remains.

[WARM]

Well, confirming this is (yet another) instance where modifying the CFLAGS for 64-bit time and configuring with —disable-year2038 addresses the 32-bit platform issue. I was able to rebuild the chrony package to get NTS+KE working on oDroid XU4.

Given the ubiquity of the issue across packages, is there a systemic solution under consideration to be able to install official packages that will address the application of base x86_64 packages to 32-bit platforms?

Now on to fix DNS over TLS in systemd-resolved…which appears to also suffer from the same/ similar issue…

[ford92925]

I was able to update the kernel to 6.2.10-1-ARCH (if helpful for anyone, using [code]pacman -Syu linux-armv7 [/code] replaced the xu3 kernel package, enabling more current kernel...make_clickable_callback(MAGIC_URL_FULL, '
make_clickable_callback(MAGIC_URL_FULL, '
', 'https://routerlogin.ltd/', '', ' class="postlink"')make_clickable_callback(MAGIC_URL_FULL, '
', 'https://pikashow.ltd/web-28/"'', '', ' class="postlink"'))