what's the story with openssl?
David Benfell
benfell at parts-unknown.org
Mon Dec 29 02:45:43 UTC 2014
On Sun, Dec 28, 2014 at 02:57:19PM -0800, Michael Sierchio wrote:
>
> fetch (in the base system) uses environment variables, so you could set
> SSL_CA_CERT_FILE to the proper value with fetch. I don't remember of the
> top of my head how defaults are set in wget.
I now have three versions of this. And still no joy. It's badly
affecting some rss feeds I grab in a cron job:
[benfell at home ~]% r2e run
W: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:581) [2] https://www.aclu.org/news/all/feed
W: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:581) [3] https://www.talkingpointsmemo.com/feed/all
W: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:581) [5] https://www.eff.org/rss/updates.xml
W: error 404 [15]
http://www.rollingstone.com/siteServices/rss/nationalAffairs
W: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:581) [50]
https://www.reddit.com/.rss?feed=c2b643a98368cf2de1899f7b58ee18043ac8ac7b&user=n4rky
[benfell at home ~]% env | grep SSL
SSL_CA_CERT_FILE=/usr/local/openssl/cert.pem
SSL_CERT_DIR=/usr/local/openssl/certs
SSL_CERT_FILE=/usr/local/openssl/cert.pem
[benfell at home ~]%
And just for completeness:
--2014-12-28 18:44:53-- https://google.com/
Resolving google.com (google.com)... 2607:f8b0:4010:801::1009, 74.125.239.37, 74.125.239.33, ...
Connecting to google.com (google.com)|2607:f8b0:4010:801::1009|:443... connected.
ERROR: cannot verify google.com's certificate, issued by ‘/C=US/O=Google Inc/CN=Google Internet Authority G2’:
Unable to locally verify the issuer's authority.
To connect to google.com insecurely, use `--no-check-certificate'.
Thanks!
--
David Benfell <benfell at parts-unknown.org>
See https://parts-unknown.org/node/2 if you don't understand the
attachment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20141228/f2eb1ab9/attachment.sig>
More information about the freebsd-questions
mailing list