[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget seems to be "out of touch" with security (fails on m

From: Daniel Kahn Gillmor
Subject: Re: [Bug-wget] wget seems to be "out of touch" with security (fails on most (all?) https websites...(where browsers work)
Date: Fri, 20 Dec 2013 00:40:38 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.1.1

i think your subject line meant "https" instead of "http", so i've
updated it.

On 12/19/2013 11:40 PM, L Walsh wrote:
> I recently started using 1.14 of wget included with my distro's updates:
> GNU Wget 1.14 built on linux-gnu.

you don't mention which distro you're using, or which version of openssl
is in place.  those would be useful pieces of information :)

> wget 
> "https://collaboration.opengroup.org/pegasus/pp/documents/29166/ReleaseNotes.htm";

you're using wget with openssl.  what does openssl's own client say when
it tries to connect to the same server?

 openssl s_client -connect collaboration.opengroup.org:443

Do you have a copy of Go Daddy's "level 2" root CA's certificate?  If
so, is it reachable from openssl's default CA directory ?  normally, i
think that's /etc/ssl/certs (at least it is on debian).  Is that
directory properly hashed?

have you tried passing --ca-certificate or --ca-directory (with the
appropriate arguments?) to wget?



Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]