I have the following in my init.el (or equivalent):
Unfortunately when I ran M-x list-packages I got the following error:
Certificate information Issued by: Let's Encrypt Authority X3 Issued to: CN=melpa.org Hostname: melpa.org Public key: RSA, signature: RSA-SHA256 Protocol: TLS1.2, key: ECDHE-RSA, cipher: AES-128-GCM, mac: AEAD Security level: Medium Valid: From 2017-09-18 to 2017-12-17 The TLS connection to melpa.org:443 is insecure for the following reasons: certificate was signed with an insecure algorithm the certificate was signed by an unknown and therefore untrusted authority certificate could not be verified
Googling didn't help. There were all sorts of misunderstandings - including blaming the package prelude (which I don't have installed).
You can check that melpa.org is legit by running the following on the command line
or just visit https://melpa.org in your web browser.
It looks like the MacOS version of Emacs doesn't find the correct certificate authorities.
Set up Emacs to use the certificate authorities you just installed. Simple as adding the following to your init.el:
This command tells Emacs to use the guntls package (which has, in the past had problems) and prepend the TLS CA certificates from LibreSSL to the list of trusted CAs.
Now when I install packages it all works.
What NOT TO DO
Please, please, please IGNORE any advice you see along the lines of
replace https with http
Start emacs with 'emacs --insecure'
Security is important. Don't just turn it off because you can't get something to work.