[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget feature request: support for SAN/UCC SSL Certs RFC 3

From: Jochen Roderburg
Subject: Re: [Bug-wget] wget feature request: support for SAN/UCC SSL Certs RFC 3280 part
Date: Thu, 24 Nov 2011 22:23:15 +0100
User-agent: Dynamic Internet Messaging Program (DIMP) H3 (1.1.4)

Zitat von Wallance Hou <address@hidden>:

Currently Does wget new version support or verify SAN/UCC SSL certificate? If yes, but I tried to install wget 1.13.x, but there still was issue as below. (gnutls-2.12.14 without p11-kit-1), Please advie.

address@hidden wget-1.13.4]# wget -v -O xx https://www.verisign.net
--2011-11-23 19:07:54--  https://www.verisign.net/
Resolving www.verisign.net (www.verisign.net)...
Connecting to www.verisign.net (www.verisign.net)||:443... connected.
ERROR: The certificate of `www.verisign.net' is not trusted.
ERROR: The certificate of `www.verisign.net' hasn't got a known issuer.
address@hidden wget-1.13.4]#

Hi Wallace,

No idea what SAN/UCC means.
The wget messages look like it did not find the so-called CA certificates which are needed for the verification of the server certificates. It it possible that you have a CA-certificates pack on your Linux (as part of installed SSL/TLS libraries), it is often seen under a name like ca-bundle.crt or similar. I am not familiar enough with gnutls (I have my SSL-capable programs usually installed with OpenSSL) to know if this can be configured to automatically use such a file, but in any case you can give it to wget with the parameter --ca-certificate=/path/to/file.

Best Regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]