lynx: Can't access startfile http://rawgit.com/transcode-open/apt-cyg/master/apt-cyg

[hexray-newbee]

Looking up rawgit.com
Making HTTP connection to rawgit.com
Alert!: Unable to connect to remote host.

lynx: Can't access startfile http://rawgit.com/transcode-open/apt-cyg/master/apt-cyg

solution:
replace rawgit.com with raw.githubusercontent.com

[judy-akers]

I had to use:

wget raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg
install apt-cyg /bin

[rahuldottech]

@judy-akers You should most definitely not consider using sage - @cup does not respect the spirit of open source and tried to steal credit for this project too - going as far as tricking people to donate to him for @transcode-open's work, who actually made apt-cyg.

[AdamReece-WebBox]

fyi raw.githubusercontent.com now fails because of an SSL/TLS issue:

$ lynx -source https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg > apt-cyg

Looking up raw.githubusercontent.com
Making HTTPS connection to raw.githubusercontent.com
SSL callback:unable to get local issuer certificate, preverify_ok=0, ssl_okay=0
Retrying connection without TLS.
Looking up raw.githubusercontent.com
Making HTTPS connection to raw.githubusercontent.com
Alert!: Unable to make secure connection to remote host.

lynx: Can't access startfile https://raw.githubusercontent.com/transcode-open/apt-cyg/master/apt-cyg

This appears to be a classic issue whereby only the end entity certificate is being presented by the web server instead of the whole chain, so some utilities are unable to verify trust of both the end entity certificate and intermediate CA certificate.

Testing with OpenSSL CLI:

$ openssl s_client -connect raw.githubusercontent.com:443 -servername raw.githubusercontent.com
CONNECTED(00000003)
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
verify error:num=20:unable to get local issuer certificate
---
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=www.github.com
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHqDCCBpCgAwIBAgIQCDqEWS938ueVG/iHzt7JZjANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNzAzMjMwMDAwMDBaFw0yMDA1MTMxMjAwMDBa
MGoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xFzAVBgNVBAMTDnd3
dy5naXRodWIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtPx
ijvPpEXyy3Bn10WfoWmKTW753Uv2PusDNmalx/7mqFqi5BqK4xWQHQgSpyhedgtW
IXWCJGHtgFVck+DBAbHiHsE67ewpV1a2l2GpqNCFTU77UsoNVD/xPyx3k+cPX9y8
rqjMiZB3xs1zKDYBkcoBVrA+iO323YkJmCLEXCO2O7b1twLFWkNwMd7e7nteu2uC
MvxNp5Qg22MIn33t2egMPfIDU/TcKDfyaty5+s6F3gzh7eIgnqNQN0T/5fpaYkqd
x8j21QDsIyF/CfSpA5qKLuhluu8xrUbnc0MigX7VThS9PbfxMSQ1cQQfbGdxoQNJ
TNHxXv+ZTXAxKCju5wIDAQABo4IEQjCCBD4wHwYDVR0jBBgwFoAUUWj/kK8CB3U8
zNllZGKiErhZcjswHQYDVR0OBBYEFDCCKdhtTODUosYQSAWAh6i8qukSMHsGA1Ud
EQR0MHKCDnd3dy5naXRodWIuY29tggwqLmdpdGh1Yi5jb22CCmdpdGh1Yi5jb22C
CyouZ2l0aHViLmlvgglnaXRodWIuaW+CFyouZ2l0aHVidXNlcmNvbnRlbnQuY29t
ghVnaXRodWJ1c2VyY29udGVudC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5odHRwOi8v
Y3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzUuY3JsMDSgMqAwhi5o
dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzUuY3JsMEwG
A1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3MHUwJAYI
KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEFBQcwAoZB
aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhpZ2hBc3N1
cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAfUGCisGAQQB1nkCBAIE
ggHlBIIB4QHfAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFa
/UBqBAAABAMARzBFAiBFXsWaC1bup8Q0JgrY9EgIxjqi1v2fA6Zg44iRXSQyywIh
AIzhzU1zlseJh5+yXc5U1I+pgqRmXb1XcPIsGL8oOdwjAHUAVhQGmi/XwuzT9eG9
RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFa/UBqZQAABAMARjBEAiBKQMsySmj69oKZ
MeC+MDokLrrVN2tK+OMlzf1T5qgHtgIgRJLNGvfWDmMpCK/iWPSmMsYK2yYyTl9K
btHBtP5WpkcAdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVr9
QGofAAAEAwBHMEUCIA2n0TbeAa5KbuOpnXpJbnObwckpOsHsaN+2rA7ZA16YAiEA
l7JTnVPdmFcauzwLjgNESMRFtn4Brzm9XJTPJbaWPacAdgC72d+8H4pxtZOUI5eq
kntHOFeVCqtS6BqQlmQ2jh7RhQAAAVr9QGoRAAAEAwBHMEUCIQCqrtuq71J6TM7w
KMWeSAROdTa8f35GoLMImJXONSNHfQIgONvSu/VH5jlZ1+PD+b6ThFF1+pV7wp7w
q+/8xiHUMlswDQYJKoZIhvcNAQELBQADggEBAJl+1i/OG6YV9RWz7/EwwR9UEJKk
jEPAvL2lDQBT4kLBhW/lp6lBmUtGEVrd/egnaZe2PKYOKjDbM1O+g7CqCIkEfmY1
5VyzLCh/p7HlJ3ltgSaJ6qBVUXAQy+tDWWuqUrRG/dL/iRaKRdoOv4cNU++DJMUX
rRJjQHSATb2kyd102d8cYQIKcbCTJC8tqSB6Q4ZEEViKRZvXXOJm66bG8Xyn3N2v
J4k598Gamch/NHrZOXODy3N1vBawTqFJLQkSjU4+Y//wiHHfUEYrpTg92zgIlylk
3svH64hwWd1i3BZ2LTBq46MvQKU2D8wFdtXgbgRAPWohX79Oo6hs0Jghub0=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=www.github.com
issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3862 bytes and written 468 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 902F521F2FC00B26B83D39A9B38B2D2C2EBD9E834831D8ADC303D0845F07EC28
    Session-ID-ctx:
    Master-Key: 492F5F03532506FF771437E671587F9570A67CE4D5BB12E0DBD9022F9FA47BA54E8D5EE776C30AE0A6F5EA40FD6596C3
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 5d 25 fc 92 21 fa 9c cc-00 ec 53 0b 74 d5 76 ae   ]%..!.....S.t.v.
    0010 - 6c 59 61 cf 17 8e 30 b6-ed a9 fc d4 a3 a2 de 4a   lYa...0........J
    0020 - 22 00 0c 1d 11 e9 64 80-83 f7 0e 2a 40 c6 f7 db   ".....d....*@...
    0030 - b3 ac 8a 0a 6b 25 57 9b-0d b4 fe 54 a3 e8 d2 b0   ....k%W....T....
    0040 - 65 2c 70 58 79 c4 44 ac-04 8a d7 d8 25 7e dc 5d   e,pXy.D.....%~.]
    0050 - 19 e7 48 d5 07 c6 ee b2-46 2e b7 b7 61 e3 e6 f5   ..H.....F...a...
    0060 - 3a 1a 9a 4c 7b 68 be 3b-d6 aa b2 a6 13 08 e6 a2   :..L{h.;........
    0070 - 29 91 aa f4 3f a2 eb 09-81 83 6f 86 6f 96 89 4f   )...?.....o.o..O
    0080 - f7 2c b7 03 7d d5 7f 23-ab a0 4d 38 ec de f8 c3   .,..}..#..M8....
    0090 - ee d9 7f 93 81 5d 06 68-fb 97 58 dd 20 ab 17 b9   .....].h..X. ...
    00a0 - 78 38 36 12 52 58 05 99-e5 8f 7d fe 05 d9 61 ea   x86.RX....}...a.
    00b0 - 18 97 b6 d7 83 02 66 27-3b 0c f4 89 69 4e 8d 71   ......f';...iN.q

    Start Time: 1540198537
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---

In this instance there is no security exception as there really is a trusted chain because it redirects to github.com, but it means from a CLI environment where recursive certificate look-ups (to find out an intermediate CA's signer) isn't available. It doesn't look like lynx has an "ignore SSL certificate issues" option, which is always dangerous unless you manually verify each time (so just as well), otherwise you need to use wget instead of lynx unavailable by default.

[chintanhingrajia]

Please use curl instead of lynx -source

LIKE:-

curl http://rawgit.com/transcode-open/apt-cyg/master/apt-cyg

[AdamReece-WebBox]

1 year ago, I had completely forgotten about this..

You can still use Lynx as the SSL/TLS certificate issue with raw.githubusercontent.com has since been resolved. Using cURL would have had the same problem anyway because they both use OpenSSL (typically) to handle SSL/TLS encapsulation.