[SOLVED] wget: Unable to locally verify certificate for GC download
by budrz89 from LinuxQuestions.org on (#55GYR)
Hi,
I'm going through the BLFS book version 9.1, System V version and I'm trying to download GC-8.0.4 tarball but wget gives me this error:
Code:ERROR: cannot verify hboehm.info's certificate, issued by 'CN=RapidSSL RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US':
Unable to locally verify the issuer's authority.I have make-ca (version 1.7 -- I wanted the most up-to-date version) installed and all of my certificates are up-to-date. I've tried downloading the .pem file for "RapidSSL RSA CA 2018" from https://www.digicert.com/digicert-root-certificates.htm
and copied it over to my /etc/ssl/local followed by a
Code:# make-ca -r -fI can see that it loaded the .pem local file but the wget error persists. I'm not sure what I'm doing wrong. I've tried downloading the .crt file and follow the instructions given here: http://linuxfromscratch.org/blfs/vie...s/make-ca.html
under "Adding Additional CA Certificates":
Code:# openssl x509 -in RapidSSLRSACA2018.crt -text -fingerprint -setalias "DigiCert RapidSSL RSA CA 2018" -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning > /etc/ssl/local/DigiCert_RapidSSL_RSA_CA_2018.pembut I'd get an error:
Code:unable to load certificate
140718179467904:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATEand the .pem file is empty. I don't know what I'm doing wrong here. I've looked at this: https://superuser.com/questions/1149...ate-in-openssl
but I don't think it applies in this case.
BTW, I don't think it is relevant or not but I don't have a DE yet but my X Window system is completed.
I'm going through the BLFS book version 9.1, System V version and I'm trying to download GC-8.0.4 tarball but wget gives me this error:
Code:ERROR: cannot verify hboehm.info's certificate, issued by 'CN=RapidSSL RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US':
Unable to locally verify the issuer's authority.I have make-ca (version 1.7 -- I wanted the most up-to-date version) installed and all of my certificates are up-to-date. I've tried downloading the .pem file for "RapidSSL RSA CA 2018" from https://www.digicert.com/digicert-root-certificates.htm
and copied it over to my /etc/ssl/local followed by a
Code:# make-ca -r -fI can see that it loaded the .pem local file but the wget error persists. I'm not sure what I'm doing wrong. I've tried downloading the .crt file and follow the instructions given here: http://linuxfromscratch.org/blfs/vie...s/make-ca.html
under "Adding Additional CA Certificates":
Code:# openssl x509 -in RapidSSLRSACA2018.crt -text -fingerprint -setalias "DigiCert RapidSSL RSA CA 2018" -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning > /etc/ssl/local/DigiCert_RapidSSL_RSA_CA_2018.pembut I'd get an error:
Code:unable to load certificate
140718179467904:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATEand the .pem file is empty. I don't know what I'm doing wrong here. I've looked at this: https://superuser.com/questions/1149...ate-in-openssl
but I don't think it applies in this case.
BTW, I don't think it is relevant or not but I don't have a DE yet but my X Window system is completed.