[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget seems to be "out of touch" with security (fails on m

From: Tim Rühsen
Subject: Re: [Bug-wget] wget seems to be "out of touch" with security (fails on most (all?) http websites...(where browsers work)
Date: Fri, 20 Dec 2013 19:35:21 +0100
User-agent: KMail/4.11.3 (Linux/3.11-2-amd64; KDE/4.11.3; x86_64; ; )

Am Freitag, 20. Dezember 2013, 09:03:43 schrieb L Walsh:
> But at the end of the update script, I notice a message:
> if ($foundignored)
> {
>    print STDERR "\n* = CA Certificates in /etc/ssl/certs are only seen by
> some legacy applications.
> To install CA-Certificates globally move them to /etc/pki/trust/ancors
> instead!\n"; }
> Perhaps wget isn't using the new location?

Wget is using /etc/ssl/certs by default.

If the distribution uses a different directory, the package maintainer should 
change the default directory either by providing a patch or by specifying the 
directory in /etc/wgetrc.

Have a look into /etc/sl/certs and  /etc/pki/trust/ancors, which of them fits 
your needs.

Assuming you want /etc/pki/trust/ancors as the certificate directory, put it 
into /etc/wgetrc (or into ~/.wgetrc):


BTW, the 'Go Daddy' certs are named here (Debian SID) Go_Daddy_*

It is a good idea to submit a bug report for the wget package of your dist (if 
it hasn't already be done by someone else).

Regards, Tim

Attachment: signature.asc
Description: This is a digitally signed message part.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]