[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] Probs downloading secure content on Cygwin/Windows 7/64
|
From: |
Tim Ruehsen |
|
Subject: |
Re: [Bug-wget] Probs downloading secure content on Cygwin/Windows 7/64 |
|
Date: |
Mon, 31 Aug 2015 10:32:53 +0200 |
|
User-agent: |
KMail/4.14.2 (Linux/4.1.0-1-amd64; KDE/4.14.2; x86_64; ; ) |
Hi,
in addition to Ander Juaristi's posting:
Have you installed the package 'ca-certificates' ?
Check with 'ls -la /etc/ssl/certs/'
In my CygWin environment wget 1.16.3 downloads your example URL.
Regards, Tim
On Friday 28 August 2015 11:30:02 L Walsh wrote:
> > wget
>
> "https://get.adobe.com/flashplayer/download/?installer=FP_18_for_Firefox_-_N
> PAPI&os=Windows%207&browser_type=Gecko&browser_dist=Firefox&p=mss"
> --2015-08-28 11:17:19--
> https://get.adobe.com/flashplayer/download/?installer=FP_18_for_Firefox_-_NP
> API&os=Windows%207&browser_type=Gecko&browser_dist=Firefox&p=mss Resolving
> webproxy (webproxy)... 192.168.4.1, 192.168.3.1
> Connecting to webproxy (webproxy)|192.168.4.1|:8118... connected.
> ERROR: The certificate of ‘get.adobe.com’ is not trusted.
> ERROR: The certificate of ‘get.adobe.com’ hasn't got a known issuer.
> -----
> I went into my web browser (which doesn't seem to have an issue with the
> cert), looked at the security for the page and exported the Security
> Cert chain
> to a ".crt" file.
>
> In windows, I could click on that to install the cert into Window's local
> store and it was "imported successfully".
>
> But it seems wget still doesn't know how to use the native
> machines cert-store.
>
> Shouldn't it be able to use the native host's cert store automatically,
> or is there some extra magic words / switches I should have known to
> use?
>
> ;-/
>
> Ever since the cert checking was turned on in wget, the only way I've been
> able to d/l secure stuff is to tell it to ignore the security, which seems
> like it might be counter-productive.
>
> Seems alot like the standard security problem of it making it so difficult
> to use, that people simply create an alias to never check security -- which
> can't be better than before when I wasn't taught to turn off security (not
> that I usually do, but it seems like that's the direction I'm being
> "hurded"...
> ;-)
>
> help?
>
> version info:
> law.Bliss> wget --version
> GNU Wget 1.16.1 built on cygwin.
>
> +digest +https +ipv6 +iri +large-file +nls +ntlm +opie -psl +ssl/gnutls
>
> Wgetrc:
> /Users/law.Bliss/.wgetrc (user)
> /etc/wgetrc (system)
> Locale:
> /usr/share/locale
> Compile:
> gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc"
> -DLOCALEDIR="/usr/share/locale" -I.
> -I/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1/src -I../lib
> -I/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1/lib
> -I/usr/include/uuid -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS
> -DNDEBUG -ggdb -O2 -pipe -Wimplicit-function-declaration
>
> -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/build=/usr/src/debug/wget-1
> .16.1-1
>
>
> -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1=/usr/src/de
> bug/wget-1.16.1-1
>
> Link:
> gcc -I/usr/include/uuid -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS
> -DNDEBUG -ggdb -O2 -pipe -Wimplicit-function-declaration
>
> -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/build=/usr/src/debug/wget-1
> .16.1-1
>
>
> -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1=/usr/src/de
> bug/wget-1.16.1-1
>
> -liconv -lintl -lpcre -luuid -lnettle -lgnutls -lz -lintl -liconv
> -lp11-kit -lgmp -lhogweed -lgmp -lnettle -ltasn1 -lp11-kit -lz -lz
> -lidn ftp-opie.o gnutls.o http-ntlm.o ../lib/libgnu.a
>
> Copyright (C) 2014 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://www.gnu.org/licenses/gpl.html>.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> Originally written by Hrvoje Niksic <address@hidden>.
> Please send bug reports and questions to <address@hidden>.