Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do I ignore SSL certificates? #1453

Closed
ShockedCoder opened this issue Feb 5, 2021 · 4 comments
Closed

How do I ignore SSL certificates? #1453

ShockedCoder opened this issue Feb 5, 2021 · 4 comments
Labels
Status: Resolved Issue or question has been answered or fixed successfully Type: Question

Comments

@ShockedCoder
Copy link

So I reinstalled Manjaro and whilst redownloading my packages I get a:

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
==> ERROR: Failure while downloading https://chiselapp.com/user/aspect/repository/sdx/raw/sdx-20110317.kit?name=1a77b0b5bc8cfcf2df2ef051a511e9187103ce0c
    Aborting...
error downloading sources: sdx

I've searched for solutions and even looked at the man page for yay, but didn't find anything,
@grandchild
Copy link

I'm getting the same error. It seems that the source server for this specific package doesn't play well with a current Arch curl setup. (https://www.ssllabs.com/ssltest/analyze.html?d=chiselapp.com&s=74.208.146.128)

What you can do is look into (and eventually edit) /etc/makepkg.conf and edit the DLAGENTS key for https.

You could try and add the --insecure option to the DLAGENTS[https] curl command, BUT REMOVE IT AFTERWARDS!, as it skips SSL cert verification completely. Adding it as the very first argument right after "curl" did let me download the sources. (Didn't try building the package...)

@grandchild
Copy link

Also there's other people having the same problem on the AUR page for the package: https://aur.archlinux.org/packages/sdx

@archnim
Copy link

archnim commented Feb 9, 2021

I'm getting the same error. It seems that the source server for this specific package doesn't play well with a current Arch curl setup. (https://www.ssllabs.com/ssltest/analyze.html?d=chiselapp.com&s=74.208.146.128)

What you can do is look into (and eventually edit) /etc/makepkg.conf and edit the DLAGENTS key for https.

You could try and add the --insecure option to the DLAGENTS[https] curl command, BUT REMOVE IT AFTERWARDS!, as it skips SSL cert verification completely. Adding it as the very first argument right after "curl" did let me download the sources. (Didn't try building the package...)

Thank you very much. Your tip just helped me. Really, sdx maintainers should update their server's certificate !

@Jguer Jguer added Status: Resolved Issue or question has been answered or fixed successfully Type: Question labels Feb 16, 2021
@Jguer Jguer closed this as completed Feb 16, 2021
@Popolon
Copy link

Popolon commented Jan 7, 2024

I know it is closed, but it oriented me toward the good today solution. I've a failure due to a Let's Encrypt certificate expired today. This didn't work for me (in 2024, 3 years after)

A simple workaround that avoid at the same time to change makepkg.conf:

export GIT_SSL_NO_VERIFY=true
makepkg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Status: Resolved Issue or question has been answered or fixed successfully Type: Question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@grandchild @Popolon @Jguer @ShockedCoder @archnim