Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curl / Wget: Certificate expired error #63

Open
morevnaproject opened this issue Jan 8, 2022 · 1 comment
Open

Curl / Wget: Certificate expired error #63

morevnaproject opened this issue Jan 8, 2022 · 1 comment

Comments

@morevnaproject
Copy link

When I am using curl or wget inside of container to download some files it gives me certificate error:

wget https://pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz
--2022-01-08 03:41:05--  https://pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz
Resolving pkgconfig.freedesktop.org (pkgconfig.freedesktop.org)... 131.252.210.176, 2610:10:20:722:a800:ff:feda:470f
Connecting to pkgconfig.freedesktop.org (pkgconfig.freedesktop.org)|131.252.210.176|:443... connected.
ERROR: The certificate of 'pkgconfig.freedesktop.org' is not trusted.
ERROR: The certificate of 'pkgconfig.freedesktop.org' has expired.

curl https://pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz -o test.tar.gz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
@morevnaproject
Copy link
Author

This issue gets fixed by updating SSL/TLS packages.

For Curl:

apt-get -yq update
apt-get -yq install libssl1.0.2

For Wget:

apt-get -yq update
apt-get -yq install openssl libgnutls30

Note: I have found this combination of packages by running apt-get -yq update && apt-get -yq upgrade command. Though, the command took too long, as it updated many other packages. So I have found "guilty" packages by checking every updated package manually and listed them above to save time. I hope you will find it useful and consider updating Docker images too. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@morevnaproject